Security News

I serves as a unified platform to consolidate observables, indicators of compromise, TTPs, and threat-related knowledge. It enhances observables automatically, such as domain resolution and IP geolocation, saving you the effort.

Our cell phone is possibly even more vulnerable today than an experimental chip injected under the skin, since this chip, although susceptible to hacking, has a very limited function, while the cell phone is exposed to countless threats. "What can be hacked is the technology, not the body itself. A vulnerable device can be hacked both outside and inside the body. What we need to pay attention to is the security of the technology we are trying to implant," he points out.

A critical flaw in Atlassian Confluence Data Center and Server has been exploited by a state-backed threat actor, Microsoft's threat analysts have pinpointed. CVE-2023-22515 was initially classified as a critical privilege escalation vulnerability affecting Confluence Data Center and Server versions 8.0.0 and later, but then re-classified as an issue stemming from broken access control.

A Gaza-based threat actor has been linked to a series of cyber attacks aimed at Israeli private-sector energy, defense, and telecommunications organizations. Microsoft, which revealed details of...

The US Cybersecurity and Infrastructure Security Agency and the National Security Agency are blaming unchanged default credentials as the prime security misconfiguration that leads to cyberattacks. The misconfigurations in the CSA illustrate a trend of systemic weaknesses in many large organizations, including those with mature cyber postures, and highlights the importance of software manufacturers embracing secure-by-design principles to reduce the burden on network defenders.

Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of...

The malware is under rapid development, with updates adding new features and bug fixes. Researchers at cloud security company Zscaler note that BunnyLoader is quickly becoming popular among cybercriminals as a feature-rich malware available for a low price.

Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that's being advertised for sale on the cybercrime underground. "BunnyLoader provides...

VMware customers have growing concerns about the state of the virtualization software and the company behind it - ranging from rising licensing costs, ransomware vulnerabilities and a diminishing quality of support, according to VergeIO. 84% of respondents indicated that they were concerned about VMware's current and future costs, with many highlighting "Per-core" renewal quotes and licensing agreements that require a commitment to year-over-year spending increases as additional points of distress. With a rise in ransomware attacks exploiting specific VMware vulnerabilities, 77% of customers worried about their data resiliency.

Chinese minister for national security Chen Yixin has penned an article rating the digital risks his country faces and rated network security incidents as the most realistic source of harm to the Chinternet - both in terms of attacks and the dissemination of fake news. The article appeared in China Cyberspace, the official organ of regulator the Cyberspace Administration of China.