Chinese Threat Actors Use ORB Networks To Evade Attribution
Cybersecurity defenders have widely relied on blocking attacker IP addresses through identified IOCs in response to threat actor campaigns. However, Chinese threat actors are rapidly…
Month: May 2024
Latest Tesla Model Vulnerable To Relay Attacks
A new study reveals that Tesla’s keyless entry system in its latest Model 3 remains vulnerable to relay attacks despite its upgrade to ultra-wideband (UWB)…
The threat of KeyPlug against Italian industries
APT41: The threat of KeyPlug against Italian industries Pierluigi Paganini May 23, 2024 Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed…
Triage: The not-so-secret hack to impactful bug bounty programs
At the core of every thriving bug bounty platform lies its triage team. These teams evaluate vulnerability reports, deciding on escalation and prioritization. Moreover, they…
Spyware App Found Running on Multiple US Hotel Computers
A consumer-grade spyware app named pcTattletale has been discovered running on the check-in systems of at least three Wyndham hotels across the United States. This…
Are Your SaaS Backups as Secure as Your Production Data?
Conversations about data security tend to diverge into three main threads: How can we protect the data we store on our on-premises or cloud infrastructure?…
Apple’s Wi-Fi Positioning Can Be System Abused To Track Users
A new study by researchers at the University of Maryland has uncovered a privacy vulnerability in Apple’s Wi-Fi Positioning System (WPS) that allows attackers to…
Chinese APT Group’s Stealthy Tactics Exposed
May 23, 2024NewsroomCyber Espionage / Network Security Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat…
Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)
Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM) Pierluigi Paganini May 23, 2024 Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote…
OpenText Acquires Cybersecurity MDR Platform for MSPs
OpenText, a leader in information management solutions, has announced the acquisition of Pillr technology, a cloud-native, multi-tenant Managed Detection and Response (MDR) platform designed for…
GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)
A critical, 10-out-of-10 vulnerability (CVE-2024-4985) allowing unrestricted access to vulnerable GitHub Enterprise Server (GHES) instances has been fixed by Microsoft-owned GitHub. Fortunately, there is a…
How AI will change your credit card behind the scenes
Many companies are starting to implement Artificial Intelligence (AI) within their services. Whenever there are large amounts of data involved, AI offers a way to…