Attackers Stolen API Keys & Hashed Passwords
Dropbox disclosed a significant security breach affecting its electronic signature service, Dropbox Sign (formerly known as HelloSign). The incident, which came to light on April…
Category: CyberSecurityNews
Hackers Infiltrated 9-days Within UnitedHealth Network Before Ransomware Attack
Andrew Witty, CEO of UnitedHealth Group, detailed a sophisticated ransomware attack on Change Healthcare, a key component of the UnitedHealth network. The cybercriminals, identifying themselves…
Malware Cuckoo – An Infosteler Spyware Steals Data From MacOS
Security researchers have uncovered a previously undetected malware threat for macOS that exhibits characteristics of both an infostealer and spyware. Dubbed “Cuckoo” after the brood…
Postman API Testing Platform Flaw Exposes Sensitive Credentials
Truffle Security Co. has recently discovered a major vulnerability in Postman, the widely used API testing platform. This flaw exposed over 4,000 active credentials, creating…
Millions of Docker Hub Repositories Found Pushing Malware
It has been found that almost one-fifth of the repositories on Docker Hub, a popular platform for developers to store and share containerized applications, have…
Investigating Two TeamCity Authentication Bypass Vulnerabilities
Vulnerability exploits are the third most common way that cybercriminals gain access to target organizations, surpassed only by credential stealing and phishing in 2023. Once…
New Attack Steals Sensitive Data From Modern Processors
Microarchitectural side-channel attacks misuse shared processor state to transmit information between security domains. Although they can be used in isolation, they are frequently employed as…
Muddling Meerkat Using DNS As A Powerful Weapon
Hackers exploit DNS vulnerabilities to redirect users to malicious websites, launch distributed denial-of-service (DDoS) attacks by overwhelming DNS servers, and manipulate domain resolutions to intercept…
Beware of New Android Trojan That Executes Malicious Commands
Cybersecurity researchers at XLab have uncovered a new Android malware strain called “Wpeeper.” This sophisticated backdoor Trojan has been designed to infiltrate Android systems and…
Authorities Seized Platform Used For Paid DDoS
On April 17, 2024, a joint effort between the Dresden Public Prosecutor’s Office and the Cybercrime Competence Center of the Saxony State Criminal Police Office,…
Safari Flaw Exposing EU iPhone Users to Trackers
A significant security flaw has been identified in Apple’s Safari browser that could potentially expose iPhone users in the European Union to unauthorized tracking. This…
Ex-Infosec Designer Sentenced to Over 21 Years in Prison
Jareh Sebastian Dalke, 32, of Colorado Springs, was sentenced today to 262 months in prison for attempted espionage in connection with his efforts to transmit…