API9:2023 Improper Inventory Management
Welcome to the 10th post in our weekly series on the new 2023 OWASP API Security Top-10 list, with a particular focus on security practitioners.…
Month: September 2023
The Shocking Data on Kia and Hyundai Thefts in the US
Mandiant researchers published findings this week about a newly revealed Chinese espionage operation that used Sogu malware to spy on the African operations of both…
New Advanced Backdoor with Distinctive Malware Tactics
Sep 23, 2023THNCyber Espionage / Malware Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth…
City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack.
City of Dallas has set a budget of $8.5 million to mitigate the May Royal ransomware attack Pierluigi Paganini September 23, 2023 The City of…
Air Canada discloses data breach of employee and ‘certain records’
Image Credit: John McArthur (Unsplash) Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident this week in which hackers…
New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver…
Zero-Day iOS Exploit Chain Infects Devices with Predator Spyware
Key Findings Ahmed Eltantawy, a former Egyptian MP and presidential candidate, was targeted with Cytrox’s Predator spyware after announcing his bid for the presidency. The…
T-Mobile spills billing information to other customers
T-Mobile customers recently found other subscribers’ information on their online dashboards. Some T-Mobile customers logged into their accounts on Wednesday to find another customer’s billing…
Emergency update! Apple patches three zero-days
Apple has released patches for three zero-day vulnerabilities that may have been actively exploited. Apple has released security updates for several products to address a…
‘Horse Gone Barn Bolted’ is Strong Password – Krebs on Security
The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure…
Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware
Recently patched Apple and Chrome zero-days exploited to infect devices in Egypt with Predator spyware Pierluigi Paganini September 22, 2023 Citizen Lab and Google’s TAG…
H1-702 Las Vegas Day 2: Hacking with Zoom
Welcome back to our first day of in-person hacking! We had some lovely people greeting you today for your check-in. Again, we want all of…