OneBlood Confirms Ransomware Attack – Donor’s Personal Information Stolen
OneBlood, a major blood donation nonprofit serving the southeastern United States, has confirmed a significant data breach resulting from a ransomware attack that occurred in…
Category: CyberSecurityNews
CISA Adds 2 New Known Vulnerabilities That Actively Exploited in The Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has updated its Known Exploited Vulnerabilities (KEV) Catalog with two new critical vulnerabilities, urging organizations to act promptly…
Rootkit Malware Exploiting Zero-day Vunlerabilities to Control Linux Systems Remotely
Fortinet researchers uncovered an advanced rootkit malware exploiting multiple zero-day vulnerabilities in enterprise appliances by executing a shell script (Install.sh). The analysis sheds new light…
New macOS Vulnerability Lets Attackers Bypass Apple’s System Integrity Protection (SIP)
Microsoft Threat Intelligence has identified a significant vulnerability in macOS that could allow attackers to bypass Apple’s System Integrity Protection (SIP), a critical security mechanism…
BeyondTrust Privileged Remote Access Vulnerability Actively Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical OS command injection vulnerability (CVE-2024-12686) found in BeyondTrust’s Privileged Remote Access (PRA) and Remote…
CISA Releases A New Free Guide For OT Products Security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has launched a new guidance document to enhance cybersecurity for operational technology (OT) products. The guide, titled…
Attackers Allegedly Steal 2.3 GB Of Internal Data
Spanish telecommunications giant Telefonica has confirmed a significant breach of its internal systems, with attackers claiming to have stolen approximately 2.3 GB of sensitive data.…
Microsoft Multi-Factor Authentication Down Blocking Office 365 Users Access
Microsoft has alerted users to an issue with its Multi-Factor Authentication (MFA) system, which has disrupted access to certain Microsoft 365 applications. The problem, identified…
Aviatrix Controller RCE Vulnerability Exploited In The Wild
A critical remote code execution (RCE) vulnerability, CVE-2024-50603, has been actively exploited in the wild, posing significant risks to cloud environments. This vulnerability affects Aviatrix…
Ako Ransomware Abusing Windows API Calls To Detect Infected System Locations
Ako, commonly referred to as MedusaReborn, is a C++-based ransomware strain that has been active since January 2020. It functions under the Ransomware-as-a-Service (RaaS) business…
GPU Driver Vulnerabilities in Imagination Let Attackers Gain Kernel Access Remotely
Imagination Technologies, a leader in GPU innovation, has issued updates to address a series of critical vulnerabilities identified in its GPU driver software. Imagination Technologies…
Researchers Detailed ZAP Scanner’s Capabilities in Identifying Security Flaws
Researchers have conducted a detailed study on the capabilities of ZAP (Zed Attack Proxy), an open-source tool widely used for identifying vulnerabilities in web applications.…