Security News > 2023 > January

Hackers have leveraged a critical remote code execution vulnerability in Realtek Jungle SDK 134 million attacks trying to infect smart devices in the second half of 2022. Unit 42 logged activity leveraging CVE-2021-35394 from all over the world but almost half of the attacks originated from the United States.

The 2023 Masters in Cyber Security Certification Bundle helps you do just that. This collection of nine full-length courses helps you become a true expert in ethical hacking, and it even includes prep for top professional certifications.

The dangers of 5G security Networks are only as strong as their weakest link Must-read security coverage. Among other things, 5G constitutes networks linked, often weakly, because each network and device within it may have different security protocols and technology.

A massive campaign has infected over 4,500 WordPress websites as part of a long-running operation that's been believed to be active since at least 2017. According to GoDaddy-owned Sucuri, the infections involve the injection of obfuscated JavaScript hosted on a malicious domain named "Track[.]violetlovelines[.]com" that's designed to redirect visitors to unwanted sites.

Over several weeks in October of 2022, Specops collected 4.6 million attempted passwords on their honeypot system. Though the examples given here focused on RDP connections, a honeypot is not limited to that type of connection, and any remote access system is subject to attacks, like SSH. What should an organization do to minimize the potential damage?

A new Python-based malware has been spotted in the wild featuring remote access trojan capabilities to give its operators control over the breached systems. The PY#RATION malware is distributed via a phishing campaign that uses password-protected ZIP file attachments containing two shortcut.

More and more security teams are now turning to the emerging category of purpose-built Browser Security Platform as the answer to the browser's security challenges. As this security solution category is still relatively new, there is not yet an established set of browser security best practices, nor common evaluation criteria.

The hackers who breached Riot Games last week are asking for $10 million not to leak the stolen source code for the company's popular League of Legends online game. Last week, Riot Games said that systems in their development environment were compromised via a social engineering attack and promised more details soon.

Webinar The implementation of lockdowns during the maelstrom of the Coronavirus pandemic led to fast track changes to traditional work practices. The answer was remote working, which grew by 46 percent in April 2020 according to the UK's Office for National Statistics.

The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organization's offensive cyber operations during the runup to the 2022 midterm elections. "We did conduct operations persistently to make sure that our foreign adversaries couldn't utilize infrastructure to impact us," said Nakasone.