How AI-powered software development helps digitisation
We are in the throes of a well-documented tech skills crisis. Globally, surging demand for skilled technology workers from businesses looking to digitally transform means…
Month: October 2023
Windows Server Running SMB over QUIC Leads to DoS Attack
QUIC, created by Google, is a modern transport layer protocol aimed at enhancing connection reliability and security while addressing latency and packet loss issues utilizing…
Budworm APT Attacking Telecoms Org With New Custom Tools
APT (Advanced Persistent Threat) actors are evolving at a rapid pace, continually enhancing their toolsets and tactics. They adapt quickly to security measures, leveraging advanced…
Scattered Spider Getting SaaS-y in the Cloud
LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as…
Versity targets Exabyte volumes in data archiving
Versity’s archiving products only start at dozens of petabytes of minimum storage volumes, while its installed storage volume has reached several exabytes with no sign…
Johnson Controls Ransomware Attack Could Impact DHS
Sensitive Department of Homeland Security (DHS) information might have been compromised in a recent ransomware attack aimed at government contractor Johnson Controls International. A multinational…
25 Year Old RSA Decryption Vulnerability Disclosed
A new type of vulnerability in the software implementation of PKCS#1 v1.5 padding scheme for RSA key exchange, which was previously confirmed to be susceptible,…
APT34 Employs Weaponized Word Documents to Deploy Malware
APT34 is a secretive cyberespionage group specializing in Middle East targets, known for gathering sensitive intelligence via spear phishing and advanced infiltration methods. The sophistication…
Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks
The existence of several unpatched vulnerabilities impacting Exim mail transfer agent (MTA) installations was disclosed last week, more than one year after they were initially…
Malicious HDMI Cables Steals Photos, Videos, and Location Data
John Bumstead, who works for a company called 404Media that fixes and sells used electronics, found an iPhone-to-HDMI adapter that seemed normal at first. However,…
CISA Kicks Off Cybersecurity Awareness Month With New Program
To celebrate the 20th Cybersecurity Awareness Month, CISA has launched a new program, meant to promote four critical actions that businesses and individuals can take…
OpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious Code
Oct 02, 2023THNVulnerability / Cyber Attack A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result…