Blog
Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems
Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is...
Banned Applications Used as a Lure to Target Russian Users
Cyble identifies a phishing campaign targeting Russians with fake sites for ExpressVPN, WeChat, and Skype. Criminals aim to deliver a RMS, gain initial access, and deploy malware. Researchers cite that TA505 might be behind this campaign. It is recommended to...
Cyberattacks in Arizona, Missouri Limit Access to Community Services
The limited access to patient information systems and critical tools used by doctors due to cyberattacks can have detrimental effects on patient care, potentially costing lives.
Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities
Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing...
Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack
A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana. The activity, which was detected by ESET in February 2023, entailed a spear-phishing attack that led to the deployment of a hitherto undocumented implant...
GoldDigger Android Trojan Targets Banking Apps in Asia Pacific Countries
A new Android banking trojan named GoldDigger has been found targeting several financial applications with an aim to siphon victims' funds and backdoor infected devices. "The malware targets more than 50 Vietnamese banking, e-wallet and crypto wallet applications,"...
CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The...
Google and Yahoo Say They Will Crack Down on Spam With New Measures
Yahoo will implement rules requiring all bulk senders to use robust email authentication, while also pushing for one-click unsubscribe options. Google will require bulk senders to validate their identities and strongly authenticate their emails.
Okta Buys Personal Password Manager Uno to Service Consumers
Okta has acquired password manager Uno to enter the consumer identity market. Uno, founded by a former Google engineer, is known for its design-centric and user-friendly password management tools.
Critical Atlassian Confluence Bug Under Attack; Patch Now
Upgrading alone will not remove attackers from compromised instances, and organizations must take steps to detect compromises, remove unauthorized admins, and assess any potential damage.
FREE GUIDE