According to one security expert, e-commerce websites generally struggle to keep their sites secure and frequently include weak code from supply-chain partners or third…
300K Installations of Malicious Android Apps Were Discovered on Google Play
Security experts have identified three Android malware families that have infiltrated the Google Play Store and are concealing their harmful payloads inside several ostensibly…
Black Basta Ransomware Gang Attacks Building Materials Major Knauf
The Knauf Group has disclosed that it was the victim of a cyberattack that interfered with its business operations and compelled its worldwide IT…
New CloudMensis Spyware Discovered by Experts Targeting Apple macOS Users
Security experts have revealed previously unknown spyware that targets the Apple macOS operating system. The malware, known as CloudMensis by the Slovak cybersecurity company…
Government of Albania Suffers “Massive Cyber-Attack”
The websites of the federal government of Albania were taken offline by a “massive cyber-attack.” The federal government claimed that the tragedy was the…
Remote Code Execution Is Caused via Prototype Pollution in Blitz.js
A critical prototype pollution vulnerability in Blitz.js, a JavaScript web application framework, has been patched to prevent remote code execution (RCE) on Node.js servers.…
Password History Requirement in Windows AD to Reduce Password Reuse
IT security experts have long advocated password restrictions that prevent users from reusing their old passwords. For instance, Netwrix advises configuring your…
Most Enterprise Vendors, According To A New Study, Are Failing To Mitigate Attacks Using Speculative Execution
With speculative execution attacks continuing to afflict current CPUs, a recent study has revealed an “industry failure”…
Sality Virus Penetrates Industrial Systems Via A Password Recovery Application
A threat actor is using password “cracking” software for programmable logic controllers to infect industrial control systems (ICS) and turn them into a botnet…
Attackers Look For Weak Plugins on 1.6 Million WordPress Sites
Security experts have discovered a large-scale operation that searched over 1.6 million WordPress websites for the presence of a vulnerable plugin that permits file…