Silent Threat Lurking in Your Salesforce Communities
May 31, 2023Ravie LakshmananData protection / Cyber Threat Improperly deactivated and abandoned Salesforce Sites and Communities (aka Experience Cloud) could pose severe risks to organizations,…
Category: TheHackerNews
Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices
May 31, 2023Ravie LakshmananFirmware Security / Vulnerability Cybersecurity researchers have found “backdoor-like behavior” within Gigabyte systems, which they say enables the UEFI firmware of the…
Safeguard Critical Assets and Fight Cybercrime
May 31, 2023The Hacker NewsThreat Hunting / Cybersecurity Finding threat actors before they find you is key to beefing up your cyber defenses. How to…
Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass
May 31, 2023Ravie LakshmananEndpoint Security / Vulnerability Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors…
Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months
May 31, 2023Ravie LakshmananNetwork Security / Zero Day Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security…
Implementing Risk-Based Vulnerability Discovery and Remediation
In this day and age, vulnerabilities in software and systems pose a considerable danger to businesses, which is why it is essential to have an…
CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security
May 30, 2023Ravie Lakshmanan Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users…
Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers
May 30, 2023Ravie LakshmananZero Day / Vulnerability Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and…
Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users
May 30, 2023Ravie LakshmananMobile Security / Android A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as…
New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force
May 29, 2023Ravie LakshmananAuthentication / Mobile Security Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass…
3 Challenges in Building a Continuous Threat Exposure Management (CTEM) Program and How to Beat Them
If you’re a cybersecurity professional, you’re likely familiar with the sea of acronyms our industry is obsessed with. From CNAPP, to CWPP, to CIEM and…
AceCryptor: Cybercriminals’ Powerful Weapon, Detected in 240K+ Attacks
A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections…