CERT-In, India’s computer and emergency response organisation, released new guidelines on Thursday that service providers, intermediaries, data centres, and government institutions should disclose cybersecurity incidents, including data breaches, within six hours. “Any service provider, intermediary, data centre, body corporate, and…
On Thursday, Microsoft said it had patched a pair of flaws with the Azure Database for PostgreSQL Flexible Server that can lead to unauthorised cross-account database access in a region. “By exploiting an elevated permissions bug in the Flexible Server…
Instead of encrypting files larger than 2MB, a new Onyx ransomware operation is destroying them, preventing them from being decrypted even if a ransom is paid. MalwareHunterTeam, a security research firm, found Onyx, a new ransomware operation, last week. Onyx…
The US Cybersecurity and Infrastructure Security Agency (CISA) has included seven new vulnerabilities to its list of actively exploited security concerns, including Microsoft, Linux, and Jenkins vulnerabilities. The ‘Known Exploited Vulnerabilities Catalog’ is a list of vulnerabilities that have been…
Attackers are planting RedLine Stealer trojan using an exploit kit. The attackers are taking advantage of an Internet Explorer flaw which was fixed by Microsoft last year. “When executed, RedLine Stealer performs recon against the target system (including username, hardware,…
Cybersecurity authorities around the world have released a list of the top 15 vulnerabilities regularly exploited by threat actors in 2021, in collaboration with the NSA and the FBI. In a joint alert, the cybersecurity authorities recommended enterprises to patch…
Academic grades were at danger due to a SQL injection (SQLi) vulnerability in an open-source platform established by Greek universities to manage student data. According to a blog post published by security researcher Stavros Mekesis, miscreants exploiting the weakness in…
Researchers have found a new infostealer on cybercrime forums having innumerable features. It can not only pilfer victims’ data but also execute financial thefts using clippers and keylogging. Researchers from Cyble have tracked Prynt Stealer in the wild and analysed…
Security researchers have revealed a security issue that could enable attackers to exploit the VirusTotal platform for remote code execution (RCE) on unpatched third-party sandboxing machines employed by antivirus engines. The vulnerability, now fixed, allowed to “execute commands remotely within…
The U.S. Federal Bureau of Investigation (FBI) has warned the public of the BlackCat ransomware-as-a-service (RaaS). The ransomware has affected 60 entities globally as of March 2022 (Emerged in November 2021). The ransomware, also known as ALPHV and Noberus, is…
