CrushFTP Vulnerability Exploited in Wild to Execute Remote Code
A critical vulnerability in CrushFTP, identified as CVE-2024-4040, has been actively exploited in the wild. It allows attackers to perform unauthenticated remote code execution on…
Month: May 2024
Backstory Of The World’s Second CISO
08 May Backstory Of The World’s Second CISO Posted at 08:51h in Blogs by Di Freeze This week in cybersecurity from the editors at Cybercrime…
MITRE breach details reveal attackers’ successes and failures
MITRE has shared a timeline of the recent breach if fell victim to and has confirmed that it began earlier than previously thought: on December…
The Fundamentals of Cloud Security Stress Testing
״Defenders think in lists, attackers think in graphs,” said John Lambert from Microsoft, distilling the fundamental difference in mindset between those who defend IT systems…
UPS Management Vulnerability: Critical Risks And Mitigation
A new UPS management vulnerability in CyberPower Uninterrupted Power Supply (UPS) management software has been uncovered, revealing multiple flaws that have serious implications for the security…
LiteSpeed Cache WordPress plugin actively exploited in the wild
LiteSpeed Cache WordPress plugin actively exploited in the wild Pierluigi Paganini May 08, 2024 Threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache…
MorLock Ransomware Attacking Organizations to Steal Data
A new group known as MorLock ransomware has intensified its attacks on Russian businesses, causing disruptions and financial losses. This group, first identified at the…
CyberSmart announces expansion into the Australian market with HAT Distribution partnership
CyberSmart, the UK’s leading provider of complete cyber confidence to UK SMEs has announced its partnership with Australian technology distributor, HAT Distribution. The partnership will…
Hackers Abuse Google Search Ads to Deliver MSI-Packed Malware
Hackers have been found exploiting Google search ads to distribute malware through MSI (Microsoft Installer) packages. This campaign, involving the malware loader known as FakeBat,…
Photos: RSA Conference 2024 – Help Net Security
RSA Conference 2024 is taking place at the Moscone Center in San Francisco. Help Net Security is on-site, and this gallery takes you inside the…
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version
May 08, 2024NewsroomEncryption / Information Stealer A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis…
MedStar Health Data Breach Impacts 183,000 In Washington
MedStar Health, a prominent non-profit healthcare provider disclosed a data breach that impacts more than 183,000 patients from its hundreds of care locations which it…