Attackers Exploiting Critical F5 BIG-IP Vulnerability
Exploitation of a recently patched critical vulnerability in F5’s BIG-IP product started less than five days after public disclosure and proof-of-concept (PoC) exploit code was…
Month: October 2023
Malicious NuGet packages abuse MSBuild to install malware
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio’s MSBuild integration to execute code and install malware stealthily. NuGet is an open-source…
Russian Hacking Tool Creates Fake Social Media Profiles in Seconds
The Kopeechka service, which refers to “penny” in Russian, is a new tool criminals use to quickly and easily generate hundreds of fake social media…
We mustn’t let the return to offices kill the growth of women in tech
Slow progress on gender diversity Getting this right remains a key issue because women are still woefully under-represented in the tech industry. This year’s Digital…
Canada Bans WeChat and Kaspersky Due to Spying Concerns
The Government of Canada has instructed government employees to immediately uninstall WeChat and Kaspersky apps from their smartphones, tablets, and laptops. Canada has banned the…
Patch now! BIG-IP Configuration utility is vulnerable for an authentication bypass
Tech company F5 has warned customers about a critical authentication bypass vulnerability impacting its BIG-IP product line that could result in unauthenticated remote code execution.…
Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss
Oct 31, 2023NewsroomVulnerability / Data Protection Atlassian has warned of a critical security flaw in Confluence Data Center and Server that could result in “significant…
How much is enough to support those who maintain open source?
The research and development team at Spotify has nominated four open source projects to receive a share of its annual €100,000 FOSS (Free and Open…
SiegedSec Hacker Group’s Surprise Halloween Hack
Hacker group SiegedSec has claimed responsibility for a cyberattack on Israel’s largest telecommunications company, Bezeq. Announced on their dark web channel, the Bezeq data breach…
Authenticity Of Indian COVID Data Leak In Question
Cybersecurity professionals are debating over the authenticity of what has been called India’s biggest data leak. The alleged Indian COVID data leak comprises personal information…
.US Harbors Prolific Malicious Link Shortening Service – Krebs on Security
The top-level domain for the United States — .US — is home to thousands of newly-registered domains tied to a malicious link shortening service that…
Increase in Phishing Threats among Organizations Has Created a Lot of Opportunities for the Cyber Security Industry
By Koyal Ghosh, Senior Writer, Allied Market Reasearch Growing trend of BYOD and smart assimilation of machine learning, IoT, and AI in several projects have…