Security News

An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine. In a related advisory, Ukraine's cybersecurity authority also revealed details of destructive attacks orchestrated by a group known as UAC-0165 against public sector organizations.

Roid security updates released this month patch a high-severity vulnerability exploited as a zero-day to install commercial spyware on compromised devices. According to a Google Threat Analysis Group report published in March, it was exploited as part of a complex chain of multiple 0-days and n-days in a spyware campaign targeting Samsung Android phones.

Canadian diversified software company Constellation Software confirmed on Thursday that some of its systems were breached by threat actors who also stole personal information and business data. Constellation Software acquires, manages, and builds software businesses through six operating groups: Volaris, Harris, Jonas, Vela Software, Perseus Group, and Topicus.

Security researchers warn that the 'Advanced Custom Fields' and 'Advanced Custom Fields Pro' WordPress plugins, with millions of installs, are vulnerable to cross-site scripting attacks. The two plugins are among WordPress's most popular custom field builders, with 2,000,000 active installs on sites worldwide.

Cyber-risk levels have improved from "Elevated" to "Moderate" for the first time, but insiders represent a persistent threat for global organizations, according to Trend Micro. Jon Clay, VP of threat intelligence at Trend Micro: "For the first time since we've been running these surveys, we saw the global cyber risk index not only improve but move into positive territory at +0.01. It means that organizations may be taking steps to improve their cyber-preparedness. There is still much to be done, as employees remain a source of risk. The first step to managing this is to gain complete and continuous attack surface visibility and control."

Cisco has disclosed a vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters, allowing an unauthenticated, remote attacker to execute arbitrary code on the devices. These phone adapters are a popular choice in the industry for incorporating analog phones into VoIP networks without upgrading.

The City of Dallas, Texas, has suffered a Royal ransomware attack, causing it to shut down some of its IT systems to prevent the attack's spread. Dallas is the ninth largest city in the United States, with a population of approximately 2.6 million people, according to US census data.Today, the City of Dallas confirmed that a ransomware attack caused the disruption.

Orqa, a maker of First Person View drone racing goggles, claims that a contractor introduced code into its devices' firmware that acted as a time bomb designed to brick them. On early Saturday, Orqa started receiving reports from customers surprised to see their FPV.One V1 goggles enter bootloader mode and become unusable.

The City of Dallas, Texas, has suffered a ransomware attack, causing it to shut down some of its IT systems to prevent the attack's spread. Dallas is the ninth largest city in the United States, with a population of approximately 2.6 million people, according to US census data. Local media reported that the City's police communications and IT systems were shut down Monday morning due to a suspected ransomware attack.

We will discuss how organizations can proactively improve their security posture by embracing technology and implementing best practices to defend against these advanced threats. One of the primary ways web applications can be targeted is through vulnerability exploitation searches, where attackers focus on known vulnerabilities in web servers, databases, content management systems, and third-party libraries.