The Importance of Cybersecurity Hygiene –
Good cyber hygiene refers to the proactive steps and best practices users and organizations can take to keep their online environment free from cyber threats.…
Month: December 2024
Don’t Gift Your Data This Christmas –
It’s December, Christmas music is everywhere and the holiday season is in full swing. As people look to buy gifts for loved ones, there are…
Postman Workspaces Leak 30000 API Keys and Sensitive Tokens
SUMMARY 30,000 Public Workspaces Exposed: CloudSEK identifies massive data leaks from Postman workspaces. Sensitive Data at Risk: Leaks include API keys, tokens, and administrator credentials.…
European Space Agency’s official store hacked to steal payment cards
European Space Agency’s official web shop was hacked as it started to load a piece of JavaScript code that generates a fake Stripe payment page…
Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code
Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code Pierluigi Paganini December 24, 2024 Adobe released out-of-band security updates to address a…
Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data
KEY SUMMARY POINTs from the article Malicious Packages Identified: Zebo-0.1.0 and Cometlogger-0.1 are malicious Python packages discovered on PyPI. Sensitive Data Theft: These packages steal…
American Airlines shutdown not because of Cyber Attack
On the eve of Christmas 2024, many Americans will be traveling to visit loved ones and attend church services to celebrate the holiday, expressing gratitude…
Apache HugeGraph-Server Vulnerability Lets Attackers Bypass Authentication
A new security vulnerability, CVE-2024-43441, has been identified in Apache HugeGraph-Server, a widely used open-source graph database system. This flaw, classified as an Authentication Bypass…
Clop ransomware is now extorting 66 Cleo data-theft victims
The Clop ransomware gang started to extort victims of its Cleo data theft attacks and announced on its dark web portal that 66 companies have 48 hours to…
OilRig Hackers Exploiting Windows Kernel 0-day to Attack Organizations
The Iranian state-sponsored hacking group OilRig, also known as APT34, has intensified its cyber espionage activities, targeting critical infrastructure and government entities in the United…
FBI links North Korean hackers to $308 million crypto heist
The North Korean hacker group ‘TraderTraitor’ stole $308 million worth of cryptocurrency in the attack on the Japanese exchange DMM Bitcoin in May. In a short…
Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts
Dec 24, 2024Ravie LakshmananMalware / Data Exfiltration Cybersecurity researchers have flagged two malicious packages that were uploaded to the Python Package Index (PyPI) repository and…