Security News > 2023
Cloud storage provider Box is down in a 'critical' outage, preventing customers from accessing their files. The outage started at approximately 9 AM ET, with the company stating that it is a critical outage impacting logins, uploads, downloads, and API calls.
Delta Dental of California and its affiliates are warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental of California is a dental insurance provider that covers 45 million people across 15 states and is part of the Delta Dental Plans Association.
Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people across 50 states, but this data breach notice concerns the California division of the company.
Dubbed "NKAbuse" by the researchers, the Go-based backdoor offers criminal attackers a range of possibilities, including being able to DDoS or fling remote access trojans, and leans on NKN for more anonymous yet reliable data exchange. NKN is an open source protocol that lets users perform a peer-to-peer data exchange over a public blockchain - like a cross between a traditional blockchain and the Tor network.
A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the...
Crypto hardware wallet maker Ledger published a new version of its "@ledgerhq/connect-kit" npm module after unidentified threat actors pushed malicious code that led to the theft of more than...
The classical definition of a robot is something that senses, thinks, and acts-that's today's Internet. We've been building a world-sized robot without even realizing it.
ESET researchers analyzed a growing series of new OilRig downloaders that the group used in several campaigns throughout 2022 to maintain access to target organizations of special interest, all located in Israel. These downloaders share similarities with the MrPerfectionManager and PowerExchange backdoors - other recent additions to OilRig's toolset that use email-based C&C protocols - with the difference that SC5k, OilBooster, ODAgent, and OilCheck use attacker-controlled cloud service accounts rather than the victim's internal infrastructure.
Web Application Security consists of a myriad of security controls that ensure that a web application: Functions as expected. Cannot be exploited to operate out of bounds. Cannot initiate...
Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on...