Who’s Responsible to Secure this Data?
When SaaS applications started growing in popularity, it was unclear who was responsible for securing the data. Today, most security and IT teams understand the…
Category: TheHackerNews
FormBook Malware Spreads via Malvertising Using MalVirt Loader to Evade Detection
Feb 06, 2023Ravie LakshmananMalvertising / Data Safety An ongoing malvertising campaign is being used to distribute virtualized .NET loaders that are designed to deploy the…
New Android Banking Trojan Targeting Brazilian Financial Institutions
A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company…
Hackers Actively Exploiting Zero-Day in Fortra’s GoAnywhere MFT
Feb 04, 2023Ravie LakshmananZero-Day / Vulnerability A zero-day vulnerability affecting Fortra’s GoAnywhere MFT managed file transfer application is being actively exploited in the wild. Details…
New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
Feb 04, 2023Ravie LakshmananEnterprise Security / Ransomware VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised…
Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware
Feb 03, 2023Ravie LakshmananAttack Vector / Endpoint Security In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged…
Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered
Feb 03, 2023Ravie LakshmananAutomotive Security / Vulnerability Two new security weaknesses discovered in several electric vehicle (EV) charging systems could be exploited to remotely shut…
How MSPs Can Turn a Challenge Into a Once-in-a-Decade Opportunity
Cybersecurity is quickly becoming one of the most significant growth drivers for Managed Service Providers (MSPs). That’s the main insight from a recent study from…
Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations
Feb 03, 2023Ravie LakshmananCyber Espionage / Cyber Threat The Iranian nation-state hacking group known as OilRig has continued to target government organizations in the Middle…
Atlassian’s Jira Software Found Vulnerable to Critical Authentication Vulnerability
Feb 03, 2023Ravie LakshmananCloud Security / Vulnerability Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data Center…
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
Feb 03, 2023Ravie LakshmananNetwork Security / Vulnerability F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary…
Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack
Feb 03, 2023Ravie LakshmananVulnerability Management The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its Known Exploited Vulnerabilities…