The DrayTek Gateway devices, more specifically the Vigor2960 and Vigor300B models, are susceptible to a critical command injection vulnerability. Exploitable via the /cgi-bin/mainfunction.cgi/apmcfgupload endpoint, attackers…
In the ever-evolving landscape of digital security, maintaining trust is paramount. When a Certification Authority (CA) is no longer trusted by browsers like Google, as…
Jan 01, 2025Ravie LakshmananGenerative AI / Election Interference The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) on Tuesday leveled sanctions against two entities…
If you’re worried about possible expansions of government surveillance and access to your information, or simply want to do some digital purging so you’re not…
SUMMARY EC2 Grouper Identified: Researchers found EC2 Grouper exploiting AWS credentials and tools using distinct patterns like “ec2group12345.” Credential Compromise: They primarily obtain credentials from…
In a concerning development for internet security, a new variation of a long-standing cyberattack technique known as “DoubleClickjacking,” has been discovered, threatening the security of…
Ransomware has evolved significantly since its inception in the 1970s, growing from simple, isolated incidents to a complex, global threat that costs billions of dollars…
A massive phishing campaign has compromised at least 35 Google Chrome extensions, collectively used by approximately 2.6 million users, injecting malicious code to steal sensitive…
Rhode Island ’s data from health benefits system leaked on the dark web Pierluigi Paganini December 31, 2024 Rhode Island ’s health benefits system was…
New details have emerged about a phishing campaign targeting Chrome browser extension developers that led to the compromise of at least thirty-five extensions to inject…
The previous year will mark one of the most destructive ones for global cybersecurity. Hackers targeted industries at all levels of the spectrum: healthcare, telecom,…
It has been discovered that over 3.3 million POP3 and a similar number of IMAP services are operating without the necessary encryption protocols, leaving usernames…
