Over 30% of Log4J apps use a vulnerable version of the library
Roughly 38% of applications using the Apache Log4j library are using a version vulnerable to security issues, including Log4Shell, a critical vulnerability identified as CVE-2021-44228…
Month: December 2023
2023 Cloud Security Report
In 2023, the cloud is fundamentally delivering on its promised business outcomes, including flexible capacity and scalability, increased agility, improved availability, and accelerated deployment and…
WordPress 6.4.2 fixed a Remote Code Execution (RCE) flaw
WordPress 6.4.2 fixed a Remote Code Execution (RCE) flaw Pierluigi Paganini December 10, 2023 WordPress 6.4.2 addressed a security vulnerability that could be chained with…
Week in review: Booking.com hotel booking scam, Kali Linux 2023.4 released
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Advanced ransomware campaigns expose need for AI-powered cyber defenseIn this…
Hacktivists hacked a Irish water utility and interrupted water supply
Hacktivists hacked an Irish water utility and interrupted the water supply Pierluigi Paganini December 09, 2023 Threat actors launched a cyberattack on an Irish water…
5Ghoul flaws impact hundreds of 5G devices with Qualcomm, MediaTek chips
5Ghoul flaws impact hundreds of 5G devices with Qualcomm, MediaTek chips Pierluigi Paganini December 09, 2023 A set of flaws, collectively called 5Ghoul, in the firmware…
AutoSpill attack steals credentials from Android password managers
Security researchers developed a new attack, which they named AutoSpill, to steal account credentials on Android during the autofill operation. In a presentation at the…
5 ICS Firewall Best Practices
Industrial control systems (ICS) that function well can help companies grow, meet emerging needs and maintain reliability. However, many people overseeing ICS security don’t always…
DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia
Qurium, the Swedish media foundation and human rights watchdog leading the investigation into these DDoS attacks implicates FineProxy and RayoByte in facilitating the attacks. On…
New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs
Dec 09, 2023NewsroomCyber Threat / Hardware Security Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited…
BlackCat Ransomware Group SEC Complaint: Strategy Or Exploitation?
Filing a complaint with The U.S. Securities and Exchange Commission (SEC) in the event of a company’s non-disclosure of a cyberattack is primarily rooted in…
Norton Healthcare disclosed a data breach after ransomware attack
Norton Healthcare disclosed a data breach after ransomware attack Pierluigi Paganini December 09, 2023 Kentucky health system Norton Healthcare disclosed a data breach after it…