Category Security

A major US security agency has given the government until May 4 to patch a zero-day vulnerability allegedly exploited by e-commerce apps to spy on users. The US Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2023-20963 to its catalog of…

April 17, 2023Rabbi Lakshmananbrowser security / cyber threats A new credential-stealing malware called Zarazabot It is marketed by Telegram while using the popular messaging service as command and control (C2). “The Zaraza bot targets numerous web browsers and is actively…

April 15, 2023Rabbi LakshmananZero-day / browser security Google released an out-of-band update on Friday to resolve an actively exploited zero-day vulnerability in its Chrome web browser. tracked as CVE-2023-2033, the high-severity vulnerability is described as a type confusion issue in…

Automaker Hyundai recently disclosed a breach that affected an unspecified number of Italian and French car owners, as well as individuals who booked test drives. The company notified affected individuals by email.Some of them posted screenshots of their messages on…

Several cybersecurity organizations around the world have jointly published a new set of guidelines to help manufacturers prioritize cybersecurity practices when designing products. This document is endorsed by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of…

Accountants are warned by malicious hackers to be cautious. That’s because cybercriminals are taking advantage of the rush to prepare their clients’ tax returns before the US tax day deadline. Tax Day in the United States, which falls on Tuesday,…

The “Read The Manual” (RTM) Locker group has been observed using ransomware to target corporate environments and force affiliates to follow a strict set of rules. The group’s businesslike approach (also seen by other threat actors such as Conti) shows…

April 14, 2023Rabbi LakshmananAmerica Russia related APT29 The (aka Cozy Bear) threat actor is attributed to ongoing cyber espionage campaigns targeting foreign ministries and agencies located in NATO member states, the European Union, and Africa. According to Poland’s Military Counterintelligence…

According to the Identity Theft Resource Center (ITRC), the volume of data breaches in the US fell in Q1 2023, but the number of notifications that didn’t contain actionable information increased 20% from the previous quarter. The nonprofit tracks publicly…

April 14, 2023hacker newsVirtual CISO / Cybersecurity Businesses of all sizes face a myriad of cybersecurity threats in today’s rapidly changing digital environment. With the right people, technical tools, and services in place, MSSPs are well-positioned to ensure their customers’…