Security News > 2023 > October

Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of...

A vulnerability in the GNU C Library can be exploited by attackers to gain root privileges on many popular Linux distributions, according to Qualys researchers. Dubbed "Looney Tunables", CVE-2023-4911 is a buffer overflow vulnerability in the dynamic loader's processing of the GLIBC_TUNABLES environment variable.

Microsoft research says that 80-90 percent of ransomware attacks over the past year originated from unmanaged devices. The threat BYOD presents is compounded by the steep rise in overall ransomware incidents this year; Microsoft says human-operated ransomware attacks are up by more than 200 percent since September 2022.

Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded...

Elections around the world are facing an evolving threat from foreign actors, one that involves artificial intelligence. Countries trying to influence each other's elections entered a new era in 2016, when the Russians launched a series of social media disinformation campaigns targeting the US presidential election.

Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a...

Apple has released a security update for iOS and iPadOS to fix another zero-day vulnerability exploited in the wild. "Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6," the company stated.

A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana. The activity, which was detected by ESET in February 2023, entailed a...

Atlassian has fixed a critical zero-day vulnerability in Confluence Data Center and Server that is being exploited in the wild. "Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances," the company said.

The Lorenz ransomware group leaked the details of every person who contacted it via its online contact form over the course of the last two years. The data includes names, email addresses, and the subject line entered into the ransomware group's limited online form to request information from Lorenz.