US, Australia Issue Warning Over Access Control Vulnerabilities in Web Applications
New guidance from the Australian Cyber Security Centre (ACSC), the US Cybersecurity and Infrastructure Security Agency (CISA), and National Security...
Read more →Author: Cybernoz
Metabase Critical Flaw Permit Attackers to Act as Servers
Recent reports indicate that Metabase has been discovered with an unauthenticated Remote Code Execution (RCE) vulnerability that lets threat actors...
Read more →
Hackers Abusing Windows Search Feature to Install Remote Access Trojans
Jul 28, 2023THNMalware / Cyber Threat A legitimate Windows search feature is being exploited by malicious actors to download arbitrary...
Read more →
IT Sustainability Think Tank: Recruitment and the regulatory landscape
The IT sustainability tide is moving fast and most industries lack clear guidelines or role models to follow, and new...
Read more →
In Other News: Data Breach Cost Rises, Russia Targets Diplomats, Tracker Alerts in Android
SecurityWeek is publishing a weekly cybersecurity roundup that provides a concise compilation of noteworthy stories that might have slipped under...
Read more →
IcedID Malware Adapts and Expands Threat with Updated BackConnect Module
Jul 28, 2023THNMalware / Cyber Threat The threat actors linked to the malware loader known as IcedID have made updates...
Read more →
How to become eligible for Hybrid Pentesting?
Guaranteed income, fresh scope, and no researcher competition sounds like paradise to you? Stop dreaming right now and have a...
Read more →
Exploitation of Recent Citrix ShareFile RCE Vulnerability Begins
Threat intelligence company Greynoise says it has observed the first attempts to exploit a recent critical remote code execution (RCE)...
Read more →
Hawai’i Community College pays ransomware gang to prevent data leak
The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen...
Read more →
STARK#MULE Targets Koreans with U.S. Military-themed Document Lures
Jul 28, 2023THNCyber Attack / Malware An ongoing cyber attack campaign has set its sights on Korean-speaking individuals by employing...
Read more →
Industry Reactions to New SEC Cyber Incident Disclosure Rules: Feedback Friday
The US Securities and Exchange Commission (SEC) has adopted new cybersecurity incident disclosure rules for public companies, but there is...
Read more →
Hacker-Attacking Developers Using Weaponized MS Visual Studio
Recent reports suggest that threat actors have been spreading malicious versions of Microsoft Visual Studio, a highly familiar Integrated Development...
Read more →