New Submarine malware found on hacked Barracuda ESG appliances
CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances by exploiting a now-patched zero-day bug. A suspected…
Month: July 2023
N. Korean Lazarus Group Suspected in $37.3M CoinsPaid Crypto Heist
IN SUMMARY Crypto theft date: July 22, 2023 CoinsPaid strengthens systems post-attack Blockchain Security firms Chainalysis and Match Systems aid the investigation Cryptocurrency payments platform…
The Week in Ransomware – July 28th 2023
With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims. This was seen by both the Clop…
Apple says new App Store API rules will limit user fingerprinting
Starting this fall, Apple has announced that developers will be required to provide a reason for using certain APIs that can collect information from their…
Ivanti patches new zero-day exploited in Norwegian govt attacks
Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in…
Android users can now detect Bluetooth trackers, such as AirTag, without the need for an app
In the month of May, both Google and Apple made the announcement that they were going to work together to stop intrusive monitoring using AirTags…
CISA warns of breach risks from IDOR web app vulnerabilities
CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the…
Malvertising Attack Drops BlackCat Ransomware via Fake Search Results
IN SUMMARY The attack lures users into downloading malicious versions of well-known apps through Google Search results. These apps include AnyDesk, AnyConnect, WinSCP, Treesize, Cisco,…
Risks of opening up AI
Earlier in July, Meta, the parent company of Facebook, announced the availability of Llama 2, which will be made available in the Microsoft Azure AI…
Twitter’s rebranding to ‘X’ triggers Microsoft Edge security alert
Microsoft Edge web browser has been displaying security warnings after Twitter changed its name to ‘X’. Amid its rapid rebranding over the last few days,…
Hackers Stole 8 Million Data From U.S. Gov Services Contractor
Using a vulnerability in MOVEit Transfer, hackers gained access to 8 to 11 million individuals’ ‘Users Data’ protected health information. Maximus, a US government contracting…
Programme for International Cyber Expo’s Global Cyber Summit 2023 Announced
International Cyber Expo has announced its programme for the annual Global Cyber Summit, sponsored by Sonatype, OpenText, and Infoblox, and hosted at Olympia London on…