Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation
Jan 31, 2024NewsroomVulnerability / Zero Day Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which…
Category: TheHackerNews
Understanding New SaaS Cybersecurity Rules
The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements…
Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware
Jan 31, 2024NewsroomCyber Crime / Hacking News Cybersecurity researchers are calling attention to the “democratization” of the phishing ecosystem owing to the emergence of Telegram…
Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware
Jan 31, 2024NewsroomCryptocurrency / Cybersecurity A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target…
Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware
Jan 31, 2024NewsroomCyber Attack / Network Security A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have…
New Glibc Flaw Grants Attackers Root Access on Major Linux Distros
Jan 31, 2024NewsroomVulnerability / Endpoint Security Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security…
Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives
Jan 30, 2024NewsroomCyber Crime / Malware A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro…
URGENT: Upgrade GitLab – Critical Workspace Creation Flaw Allows File Overwrite
Jan 30, 2024NewsroomDevSecOps / Vulnerability GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE)…
China-Linked Hackers Target Myanmar’s Top Ministries with Backdoor Blitz
Jan 30, 2024NewsroomMalware / Cyber Espionage The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar’s Ministry of Defence and Foreign…
Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations
Jan 30, 2024NewsroomGenerative AI / Data Privacy Italy’s data protection authority (DPA) has notified ChatGPT-maker OpenAI of supposedly violating privacy laws in the region. “The…
Top Security Posture Vulnerabilities Revealed
Each New Year introduces a new set of challenges and opportunities for strengthening our cybersecurity posture. It’s the nature of the field – the speed…
New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility
Jan 30, 2024NewsroomMalware / Cyber Threat Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet’s…