Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft
Threat actors have been observed abusing an open source tool named Cloudflared to maintain persistent access to compromised systems and...
Read more →Category: SecurityWeek
New York Couple Plead Guilty to Bitcoin Laundering
A married couple from New York dubbed “Bitcoin Bonnie and Crypto Clyde” pleaded guilty on Thursday to laundering billions of...
Read more →
Microsoft Criticized Over Handling of Critical Power Platform Vulnerability
A critical Microsoft Power Platform vulnerability exposed organizations’ authentication data and other secrets, but the tech giant has been accused...
Read more →
Points.com Vulnerabilities Allowed Customer Data Theft, Rewards Program Hacking
Multiple vulnerabilities in the popular airline and hotel rewards platform points.com could have allowed attackers to access users’ personal information,...
Read more →
Exploitation of Ivanti EPMM Flaw Picking Up as New Vulnerability Is Disclosed
Exploitation of the recently disclosed Ivanti Endpoint Manager Mobile (EPMM) vulnerability has started to pick up, just as the vendor...
Read more →
Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities
Government agencies in Australia, Canada, New Zealand, the UK, and the US have published a list of the software vulnerabilities...
Read more →
CISA Calls Urgent Attention to UEFI Attack Surfaces
The US government’s cybersecurity agency CISA is calling attention to under-researched attack surfaces in UEFI, warning that the dominant firmware...
Read more →
670 ICS Vulnerabilities Disclosed by CISA in First Half of 2023: Analysis
The US Cybersecurity and Infrastructure Security Agency (CISA) disclosed 670 vulnerabilities affecting industrial control systems (ICS) and other operational technology...
Read more →
Jericho Security Raises $3 Million for Awareness Training Powered by Generative AI
Jericho Security today announced that it has raised $3 million in a pre-seed funding round led by global investment firm...
Read more →
Dozens of RCE Vulnerabilities Impact Milesight Industrial Router
Dozens of vulnerabilities impacting the Milesight UR32L industrial router could be exploited to execute arbitrary code or commands, Cisco’s Talos...
Read more →
Decommissioned Medical Infusion Pumps Expose Wi-Fi Configuration Data
Most medical infusion pumps sold via secondary market sources still contain Wi-Fi configuration settings from the original organization that deployed...
Read more →
These Are the Top Five Cloud Security Risks, Qualys Says
Cloud security specialist Qualys has provided its view of the top five cloud security risks, drawing insights and data from...
Read more →