Security News
There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and password, and physical access to...
SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible. [...]
Ransomware is an all-too-common occurrence: 83% of organizations have experienced at least one ransomware attack in the last year, 46% of respondents experienced four or more and 14% indicated...
The United States and its allies have linked a group of Russian military intelligence hackers (tracked as Cadet Blizzard and Ember Bear) to Unit 29155 of Russia's Main Directorate of the General...
Yet, another critical severity vulnerability has been discovered in LiteSpeed Cache, a caching plugin for speeding up user browsing in over 6 million WordPress sites. [...]
The Chinese-speaking threat actor known as Earth Lusca has been observed using a new backdoor dubbed KTLVdoor as part of a cyber attack targeting an unnamed trading company based in China. The...
Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access...
Feds warn of 'highly tailored, difficult-to-detect social engineering campaigns' The FBI has warned that North Korean operatives are plotting "complex and elaborate" social engineering attacks...
93GB of info feared pilfered in Montana by heartless crooks Planned Parenthood of Montana's chief exec says the org is responding to a cyber-attack on its systems, and has drafted in federal law...
The MacroPack framework, initially designed for Red Team exercises, is being abused by threat actors to deploy malicious payloads, including Havoc, Brute Ratel, and PhatomCore. [...]