Hackers Stole 8 Million Data From U.S. Gov Services Contractor
Using a vulnerability in MOVEit Transfer, hackers gained access to 8 to 11 million individuals’ ‘Users Data’ protected health information. Maximus, a US government contracting…
Category: CyberSecurityNews
Metabase Critical Flaw Permit Attackers to Act as Servers
Recent reports indicate that Metabase has been discovered with an unauthenticated Remote Code Execution (RCE) vulnerability that lets threat actors compromise servers and execute arbitrary…
Android Phones Warn About Bluetooth Trackers & AirTags
Google has announced an alerting and manual scanning mechanism which can be used to find unknown tracker alerts. This feature will be rolled out to…
Over 60% of AWS Environments Exposed to Zenbleed Attacks
AMD Zenbleed 2 processors were found vulnerable to use-after-free flaws, enabling data theft. While the exploitation of this flaw demands local code execution, less likely…
ModSecurity WAF Flaw Let Hackers Trigger DoS Attack
Trustwave’s open-source Web Application Firewall (WAF) engine, ModSecurity, faces DoS risk due to four transformation actions vulnerability. Cybersecurity researchers at Trustwave identified this flaw and…
Hackers Exploit Windows Search Feature to Execute Malware
Malware authors persistently seek novel approaches to exploit unsuspecting users in the active cyber threat landscape. To easily locate all the available files, folders, and…
Hackers distribute PurpleFox Malware Using MS-SQL Servers
The purple fox malware has been active since 2018, adopting a new technique to deliver its payload through MS SQL servers. The threat actors target…
New Black Hat AI Tool Launched by Cybercriminals
Along with tech companies, cybercriminals are also actively leveraging generative AI models for creating AI-powered chatbots. The growing rise of generative AI models has dramatically…
API Security – Top 4 Challenges Faced by CISOs
CISOs recognize the importance of integrating web applications and API security to protect sensitive customer data while facilitating seamless business operations. Recent headlines featuring security…
Over 19 Million Password Logs Sold on the Dark Web and Telegram
The rapid increase of info stealers has emerged as a major risk for organizations, including chatGPT, and has led to a rise in cybercrime in…
How it Assists Attackers & Security Analysts
OpenAI’s ChatGPT, released in November 2022, stunned users with its diverse capabilities, answering questions and crafting custom essays, sparking widespread fascination. The versatility of ChatGPT…
Cryptojacking Attack Patterns Checklist for Administrators
Cloud cryptojacking disguises itself as cloud computing resource abuse, where threat actors exploit legitimate tenants for cryptocurrency mining using their computing power. Cloud computing abuse…