Blog
High-Severity Vulnerabilities Patched in QNAP QTS, Video Station, QuMagie, Netatalk Products
While there is no evidence that the flaws have been exploited in the wild, it's recommended that users take steps to update their installations to the latest version to mitigate potential risks.
Update: Apache OFBiz Zero-Day Sees Thousands of Daily Exploit Attempts
The authentication bypass flaw in OFBiz allows attackers to remotely execute arbitrary code and access sensitive information. Upgrading to OFBiz version 18.12.11 is crucial to patch both this zero-day vulnerability and another equally serious hole.
Why Public Links Expose Your SaaS Attack Surface
Collaboration is a powerful selling point for SaaS applications. Microsoft, Github, Miro, and others promote the collaborative nature of their software applications that allows users to do more. Links to files, repositories, and boards can be shared with anyone,...
Rhysida Ransomware Gang Takes Credit for Christmas Attack on Global Lutheran Organization
The attack was carried out by the Rhysida ransomware gang, who also claimed responsibility for attacking the Lutheran World Federation, a member of the WCC. The WCC's systems went down on December 26, 2023.
Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager
A security flaw has been disclosed in Kyocera’s Device Manager product that could be exploited by bad actors to carry out malicious activities on affected systems. "This vulnerability allows attackers to coerce authentication attempts to their own resources, such as a...
Sensitive Files of Swiss Air Force Stolen in the Hack of Ultra Intelligence & Communications
The breach, carried out by the BlackCat ransomware gang, resulted in the theft of around 30 gigabytes of sensitive data, including a contract between the Swiss Department of Defence and Ultra Intelligence & Communications for nearly $5 million.
Netgear, Hyundai Latest X Accounts Hacked To Push Crypto Drainers
Hackers are increasingly targeting verified Twitter accounts of businesses and government organizations to promote cryptocurrency scams and steal assets from unsuspecting users.
Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer
Threat actors are resorting to YouTube videos featuring content related to cracked software in order to entice users into downloading an information stealer malware called Lumma. “These YouTube videos typically feature content related to cracked applications,...
Ransomware Attack on Toronto Zoo Had No Impact on Animal Wellbeing
The Toronto Zoo's operations and animal well-being were not impacted by a recent ransomware attack on its systems. The zoo does not store credit card information but is investigating if the attack affected guest and donor records.
Cyberattack Hits Maldives Government Websites
Over the weekend, the Maldives government websites experienced a cyberattack, resulting in temporary unavailability of the President's office, Foreign Ministry, and Tourism Ministry websites.
FREE GUIDE