Misinformation and hacktivist campaigns targeting the Philippines skyrocket

Leave a Comment / Courtroom Digital Forensics / By

[ad_1] Misinformation and hacktivist campaigns targeting the Philippines skyrocket Pierluigi Paganini April 16, 2024 Amidst rising tensions with China in the SCS, Resecurity observed a spike in malicious cyber activity targeting the Philippines in Q1 2024. Amidst rising tensions with China in the South China Sea, Resecurity has observed a significant spike in malicious cyber activity …

Misinformation and hacktivist campaigns targeting the Philippines skyrocket Read More »

Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation

Leave a Comment / Cybersecurity Compliance / By

[ad_1] Voices in the vulnerability management community warned that the lasting issues of the US National Vulnerability Database (NVD) could lead to a major supply chain security crisis. A group of 50 cybersecurity professionals signed an open letter that was sent on April 12 to the US Secretary of Commerce, Gina Raimondo, and several members …

Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation Read More »

PuTTY SSH Client flaw allows of private keys recovery

Leave a Comment / Courtroom Digital Forensics / By

[ad_1] PuTTY SSH Client flaw allows of private keys recovery Pierluigi Paganini April 16, 2024 The PuTTY Secure Shell (SSH) and Telnet client are impacted by a critical vulnerability that could be exploited to recover private keys. PuTTY tools from 0.68 to 0.80 inclusive are affected by a critical vulnerability, tracked as CVE-2024-31497, that resides in …

PuTTY SSH Client flaw allows of private keys recovery Read More »

LeakyCLI Flaw Exposes AWS and Google Cloud Credentials

Leave a Comment / Cybersecurity Compliance / By

[ad_1] Security researchers have discovered a new vulnerability affecting command-line tools used in cloud environments.  Dubbed “LeakyCLI” by the Orca Security team, the flaw exposes sensitive credentials in logs, posing potential risks to organizations utilizing AWS and Google Cloud platforms.  The issue mirrors a previously identified vulnerability in Azure CLI (CVE-2023-36052, with a CVSS score …

LeakyCLI Flaw Exposes AWS and Google Cloud Credentials Read More »

A renewed espionage campaign targets South Asia with iOS spyware LightSpy

Leave a Comment / Courtroom Digital Forensics / By

[ad_1] A renewed espionage campaign targets South Asia with iOS spyware LightSpy Pierluigi Paganini April 16, 2024 Researchers warn of a renewed cyber espionage campaign targeting users in South Asia with the Apple iOS spyware LightSpy Blackberry researchers discovered a renewed cyber espionage campaign targeting South Asia with an Apple iOS spyware called LightSpy. The sophisticated …

A renewed espionage campaign targets South Asia with iOS spyware LightSpy Read More »

Report Suggests 93% of Breaches Lead to Downtime and Data Loss

Leave a Comment / Cybersecurity Compliance / By

[ad_1] A substantial 93% of enterprises admitting to a breach have suffered significant consequences, ranging from unplanned downtime to data exposure or financial loss.  This alarming statistic, unveiled by Pentera’s latest research efforts, underscores the escalating challenges organizations face in safeguarding their digital assets against evolving cyber-threats. The report, published today, comprehensively analyzes how enterprises …

Report Suggests 93% of Breaches Lead to Downtime and Data Loss Read More »

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia 

Leave a Comment / Courtroom Digital Forensics / By

[ad_1] Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia  Pierluigi Paganini April 16, 2024 The Dark Angels (Dunghill) ransomware group claims the hack of the chipmaker Nexperia and the theft of 1 TB of data from the company. The Dark Angels (Dunghill) ransomware group claims responsibility for hacking chipmaker …

Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia  Read More »

Open Source Leaders Warn of XZ Utils-Like Takeover Attempts

Leave a Comment / Cybersecurity Compliance / By

[ad_1] The Open Source Security (OpenSSF) and OpenJS Foundations have called on open source maintainers to look out for takeover attempts, after spotting multiple social engineering attacks reminiscent of the recent xz Utils campaign. The OpenJS Foundation Cross Project Council claimed in a new blog post that it recently received a series of suspicious emails …

Open Source Leaders Warn of XZ Utils-Like Takeover Attempts Read More »

Blackjack group used ICS malware Fuxnet against Russian targets

Leave a Comment / Courtroom Digital Forensics / By

[ad_1] Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets Pierluigi Paganini April 15, 2024 The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Industrial and enterprise IoT cybersecurity firm Claroty reported that the Ukrainian Blackjack hacking group claims to have damaged emergency detection and response …

Blackjack group used ICS malware Fuxnet against Russian targets Read More »

Palo Alto Networks Zero-Day Flaw Exploited in Targeted Attacks

Leave a Comment / Cybersecurity Compliance / By

[ad_1] Palo Alto Networks has detected targeted assaults exploiting a recently unearthed critical zero-day vulnerability within its PAN-OS software, designated CVE-2024-3400 with a CVSS score of 10.0.  This flaw enables unauthorized actors to execute arbitrary code with root privileges on affected firewalls. Identified as Operation MidnightEclipse, these targeted attacks have been closely monitored following the …

Palo Alto Networks Zero-Day Flaw Exploited in Targeted Attacks Read More »

Scroll to Top