[ad_1] Misinformation and hacktivist campaigns targeting the Philippines skyrocket Pierluigi Paganini April 16, 2024 Amidst rising tensions with China in the SCS, Resecurity observed a spike in malicious cyber activity targeting the Philippines in Q1 2024. Amidst rising tensions with China in the South China Sea,... Continue reading
[ad_1] Voices in the vulnerability management community warned that the lasting issues of the US National Vulnerability Database (NVD) could lead to a major supply chain security crisis. A group of 50 cybersecurity professionals signed an open letter that was sent on April 12 to... Continue reading
[ad_1] PuTTY SSH Client flaw allows of private keys recovery Pierluigi Paganini April 16, 2024 The PuTTY Secure Shell (SSH) and Telnet client are impacted by a critical vulnerability that could be exploited to recover private keys. PuTTY tools from 0.68 to 0.80 inclusive are affected... Continue reading
[ad_1] Security researchers have discovered a new vulnerability affecting command-line tools used in cloud environments. Dubbed “LeakyCLI” by the Orca Security team, the flaw exposes sensitive credentials in logs, posing potential risks to organizations utilizing AWS and Google Cloud platforms. The issue mirrors a previously... Continue reading
[ad_1] A renewed espionage campaign targets South Asia with iOS spyware LightSpy Pierluigi Paganini April 16, 2024 Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targeting... Continue reading
[ad_1] A substantial 93% of enterprises admitting to a breach have suffered significant consequences, ranging from unplanned downtime to data exposure or financial loss. This alarming statistic, unveiled by Pentera’s latest research efforts, underscores the escalating challenges organizations face in safeguarding their digital assets against... Continue reading
[ad_1] Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia Pierluigi Paganini April 16, 2024 The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The... Continue reading
[ad_1] The Open Source Security (OpenSSF) and OpenJS Foundations have called on open source maintainers to look out for takeover attempts, after spotting multiple social engineering attacks reminiscent of the recent xz Utils campaign. The OpenJS Foundation Cross Project Council claimed in a new blog... Continue reading
[ad_1] Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets Pierluigi Paganini April 15, 2024 The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Industrial and enterprise IoT cybersecurity firm Claroty reported that the Ukrainian Blackjack... Continue reading
[ad_1] Palo Alto Networks has detected targeted assaults exploiting a recently unearthed critical zero-day vulnerability within its PAN-OS software, designated CVE-2024-3400 with a CVSS score of 10.0. This flaw enables unauthorized actors to execute arbitrary code with root privileges on affected firewalls. Identified as Operation... Continue reading