Security News

The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are...

As the use of the cloud continues to be strategically vital to many organizations, cloud resources have become the biggest targets for cyberattacks, with SaaS applications (31%), cloud storage...

Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks. Written in Golang, the botnet is so named for its...

78% of organizations are tracking AI as an emerging risk while simultaneously adopting the technology themselves, according to AuditBoard. The report, based on a survey of over 400 security professionals in the US involved in their organization's approach to cybersecurity and digital risk, reveals organizations are making significant strides in digital risk management compared to previous years.

A threat actor compromised Ethereum's mailing list provider and sent to over 35,000 addresses a phishing email with a link to a malicious site running a crypto drainer. Ethereum disclosed the incident in a blog post this week and said that it had no material impact on users.

Improved cyber hygiene among businesses has led to a reduction in cyber insurance premiums by 15% worldwide over the last two years, a new report from Howden Insurance Brokers has found. "Sarah Neild, head of cyber retail U.K. at Howden, explained why the cost of cyber insurance has declined. She told TechRepublic in an email,"Increased risk awareness off the back of persistent and high-profile attacks is one reason.

Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software. The researchers say that during the attacks the hackers collect information about the system, install backdoors and various other types of malware.

Microsoft has identified two critical vulnerabilities in Rockwell Automation's PanelView Plus, enabling remote, unauthenticated attackers to execute arbitrary code and cause a denial-of-service (DoS). Researcher Yuval Gordon explained that the remote code execution flaw exploits custom classes to upload malicious DLLs, while the DoS vulnerability sends unmanageable crafted buffers, crashing the system.The vulnerabilities, CVE-2023-2071 and CVE-2023-29464, with CVSS scores of 9.8 and 8.2, respectively, involve improper input validation. CVE-2023-2071 affects FactoryTalk View Machine Edition versions 13.0, 12.0, and earlier, allowing remote code execution. CVE-2023-29464 impacts FactoryTalk Linx versions 6.30, 6.20, and earlier, enabling data reading from memory and DoS through oversized packets.

Europol just announced that a week-long operation at the end of June dropped nearly 600 IP addresses that supported illegal copies of Cobalt Strike. "Used as a foothold, it has proven to be highly effective at providing a persistent backdoor to victims, facilitating intrusions of all forms. This disruption is to be welcomed, removing Cobalt Strike infrastructure used by criminals is always a good thing."

Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence...