Popular HR and Payroll Company Sequoia Discloses a Data Breach
The human resources, payroll, and benefits management company Sequoia said in disclosures to customers at the beginning of the month that it detected unauthorized access…
Latest Cybersecurity News — Page 6104
View all →
Insurance cover becoming impossible for Cyber Attacks
Insurance companies like Lloyd offer cyber insurance policies that cover a business from facing a business loss during a cyber-attack. However, in coming days, cyber…
SMEs: Boost awareness on cybersecurity – ENISA tools and guidance
In a time of increased remote work and growing cyber threats, SMEs face major cybersecurity challenges. Low-security budget, lack of employee awareness, management support, lack…
Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India
Meta Platforms disclosed that it took down no less than 200 covert influence operations since 2017 spanning roughly 70 countries across 42 languages. The social…
Hackers exploit bug in WordPress gift card plugin with 50K installs
Hackers are actively targeting a critical flaw in YITH WooCommerce Gift Cards Premium, a WordPress plugin used on over 50,000 websites. YITH WooCommerce Gift Cards…
NodeBB prototype pollution flaw could lead to account takeover
‘Not a prototype pollution vulnerability as you might normally understand it’ NodeBB, a Node.js platform for creating forum applications, has patched a prototype pollution vulnerability…
Lensa AI and ‘Magic Avatars’: What to Know Before Using the App
Has the stale selfie that’s served as your profile picture gone a little too long without a refresh? You’ve likely seen friends using the Lensa AI app to…
New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure
Dec 19, 2022Ravie LakshmananData Security / Endpoint Security A Rust variant of a ransomware strain known as Agenda has been observed in the wild, making…
The Week in Ransomware – December 23rd 2022
Reports this week illustrate how threat actors consider Microsoft Exchange as a prime target for gaining initial access to corporate networks to steal data and…
JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs
John Leyden 09 December 2022 at 13:17 UTC Updated: 15 December 2022 at 17:06 UTC Five vendors act to thwart generic hack Security researchers have…
Log4j’s Log4Shell Vulnerability: One Year Later, It’s Still Lurking
Apache had to scramble at the beginning of December 2021 to be ready to release patches for Log4Shell when it publicly disclosed the situation on…
New info-stealer malware infects software pirates via fake cracks sites
A new information-stealing malware named ‘RisePro’ is being distributed through fake cracks sites operated by the PrivateLoader pay-per-install (PPI) malware distribution service. RisePro is designed…