Banking should start testing out quantum ideas
Banks should be setting up a quantum computing taskforce, a report from UK Finance has concluded. The Identifying and seizing the opportunities presented by quantum…
Month: November 2023
Iranian Cyber Spies Use ‘LionTail’ Malware in Latest Attacks
An Iranian espionage group has been caught using a new malware framework in a recent spate of cyberattacks, according to a warning from researchers at…
Hackers Weaponize HWP Documents to Attack Defense sectors
HWP documents are primarily associated with the Hangul Word Processor software used in South Korea. Hackers may opt for HWP documents to target National Defense…
Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway
Thousands of Citrix NetScaler ADC and Gateway instances remain unpatched against a critical vulnerability that is being widely exploited, security researchers warn. The flaw, which…
Kubernetes Security Flaw Let Attacks Escalate Admin Privileges
A new privilege escalation vulnerability has been discovered in Kubernetes, which allows threat actors to gain administrative privileges on affected pods. The CVE for this…
F5 Warns of Attacks Targeting BIG-IP SQL injection vulnerability
F5 Networks has issued a security alert about a severe vulnerability in its BIG-IP Configuration utility, identified as CVE-2023-46748. This vulnerability is an authenticated SQL…
Incident response planning is vulnerable to legacy thinking
Part of the challenge is demonstrated in the question here. Our legacy thinking may lead us into thinking about incident response in a perimeter-focused way;…
Malvertising Campaigns Exploits Ads With NodeStealer Malware
In a cunning ploy to compromise Windows PCs, hackers have turned to Facebook ads featuring provocative images to entice unsuspecting users into downloading the NodeStealer…
Chrome 119 Patches 15 Vulnerabilities
Google on Tuesday announced the release of Chrome 119 to the stable channel with patches for 15 vulnerabilities, including 13 reported by external researchers. Three…
CitrixBleed vulnerability exploited by a ransomware gang
At the end of October, AssetNote released a proof-of-concept for the CVE-2023–4966 associated with sensitive information disclosure for Citrix Netscaler ADC devices and was given…
SolarWinds and its CISO accused of misleading investors before major cyberattack
The Securities and Exchange Commission (SEC) has announced charges against software company SolarWinds Corporation and its chief information security officer (CISO), Timothy G. Brown, for…
Lloyds bank kicks off Hyderabad operation
Lloyds Banking Group has described the opening of a tech delivery centre in Hyderabad, India, as a “pivotal moment” in the bank’s £3bn, three-year, digital…