Category Security

June 1, 2023Ravi LakshmananNetwork security/exploits Citing evidence of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed a critical security flaw in recently patched Zyxel gear in its Known Exploited Vulnerabilities (KEV) catalog. Added. This issue, tracked as…

The cyberattack campaign by well-known APT group Dark Pink has a wider scope than originally thought, with researchers identifying five new victims, including one from Belgium. The group has ties to the Chinese nation and was previously thought to focus…

May 31, 2023hacker newsThreat hunting / cyber security Finding attackers before they find you is critical to strengthening your cyber defenses. How to do this efficiently and effectively is no easy task, but a small investment of time can save…

ChatGPT’s hallucinations caused chaos in courts, and riots in Wales may have been sparked on social media. And do you think .MOV is a good top-level domain for “websites that move your heart”? All this and much more is discussed…

Only 49% of leadership teams are actively investing in identity protection solutions before a security incident occurs. Only 29% have taken action to support and invest in identity and security protection after having already experienced a security incident. The numbers…

May 31, 2023Ravi LakshmananEndpoint security/vulnerability Microsoft has released details of vulnerabilities patched in Apple macOS. This vulnerability could be exploited by an attacker with root access to bypass security enforcement and take arbitrary actions on the affected device. Specifically, what…

Security researchers have discovered a new Android Trojan that could compromise 421 million devices. The Doctor Web team revealed information about this Trojan called Android.Spy.SpinOk in an advisory published on Monday. SpinOk has several spyware capabilities such as file harvesting…

May 31, 2023Ravi LakshmananData protection / cyber threats Improper deactivation and abandonment of Salesforce Sites and Communities (also known as the Experience Cloud) poses significant risk to your organization and can lead to unauthorized access to sensitive data. Data security…

RaidForums, the notorious hacking and data breach forum that was seized and shut down by authorities in April 2022, is perhaps surprisingly at the center of a new cybersecurity breach. Because it looks like the hacking site RaidForums has been……

A new vulnerability has been discovered in macOS that allows attackers with root access to bypass System Integrity Protection (SIP) and take arbitrary actions on affected devices. Discovered by Microsoft and named “Migrene,” the flaw was disclosed to Apple through…