Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Pierluigi Paganini September 08, 2023 A zero-day vulnerability (CVE-2023-20269) in Cisco ASA and FTD is actively exploited in ransomware attacks, the company warns. Cisco warns that a zero-day vulnerability (CVE-2023-20269) in Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) is actively …

Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks Read More »

Russian Man Handed Nine-Year Sentence for Hacking Scheme

A US court has sentenced a Russian businessman to nine years in prison for an elaborate corporate hacking scheme that defrauded American businesses to the tune of approximately $93m. Vladislav Klyushin, 42, from Moscow, Russia, was also ordered to forfeit $34,065,419 and pay restitution in an amount that will be determined at a later date …

Russian Man Handed Nine-Year Sentence for Hacking Scheme Read More »

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns Pierluigi Paganini September 08, 2023 U.S. CISA warned that nation-state actors are exploiting flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that nation-state actors are exploiting security vulnerabilities in Fortinet FortiOS …

Nation-state actors exploit Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, CISA warns Read More »

Regulator to Investigate Fertility App Security Concerns

The UK’s data protection regulator is set to review how period and fertility tracking applications process user information, after revealing that many women have concerns. The Information Commissioner’s Office (ICO) said it has contacted the developers of many of these apps to find out more. It also wants users to come forward and share their …

Regulator to Investigate Fertility App Security Concerns Read More »

One Month After the Lahaina Fire, Families and Residents Seek Closure

Eric Lee, 40, a guide with Maui Off-Road Adventures, lost his home in the fire, as did his mother, who lived on Front Street, along the ocean where some people died in their cars while stuck in evacuation traffic. For 48 hours after the fire, Mr. Lee had no idea where his mother was. “I …

One Month After the Lahaina Fire, Families and Residents Seek Closure Read More »

Zero-Day Flaw Exposes Atlas VPN User IPs

A Reddit user known as “Educational-Map-8145” has exposed a critical zero-day flaw affecting the Linux client of Atlas VPN, a popular virtual private network service.  The vulnerability, which impacts the latest version of the client (1.0.3), allows malicious websites to disconnect the VPN and reveal the user’s IP address, raising concerns about user privacy and security. …

Zero-Day Flaw Exposes Atlas VPN User IPs Read More »

A malvertising campaign is delivering a new version of macOS Atomic Stealer

A malvertising campaign is delivering a new version of the macOS Atomic Stealer Pierluigi Paganini September 07, 2023 Researchers spotted a new malvertising campaign targeting Mac users with a new version of the macOS stealer Atomic Stealer. Malwarebytes researchers have observed a new malvertising campaign distributing an updated version of the popular Atomic Stealer (AMOS) …

A malvertising campaign is delivering a new version of macOS Atomic Stealer Read More »

DGA Behavior Shifts Raise Cybersecurity Concerns

Researchers at Akamai have unearthed a concerning shift in the behavior of dynamically seeded Domain Generation Algorithm (DGA) families within Domain Name System (DNS) traffic data. This discovery reveals how malicious actors are adapting their tactics to prolong the life of their command-and-control (C2) communication channels, safeguarding their botnets. From a technical standpoint, DGAs come …

DGA Behavior Shifts Raise Cybersecurity Concerns Read More »

Apple discloses 2 actively exploited zero-days in iPhones, Macs

Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs Pierluigi Paganini September 07, 2023 Apple rolled out emergency security updates to address two new actively exploited zero-day vulnerabilities impacting iPhones and Macs. The two Apple zero-day vulnerabilities, tracked as CVE-2023-41064 and CVE-2023-41061, reside in the Image I/O and Wallet frameworks. CVE-2023-41064 is a …

Apple discloses 2 actively exploited zero-days in iPhones, Macs Read More »

API Vulnerabilities: 74% of Organizations Report Multiple Breaches

API security company Traceable has unveiled its 2023 State of API Security Report. In collaboration with the Ponemon Institute, the study provides a comprehensive global perspective on the state of API security, exposing critical vulnerabilities and their far-reaching consequences. The report, based on insights from 1629 cybersecurity experts across the United States, the United Kingdom …

API Vulnerabilities: 74% of Organizations Report Multiple Breaches Read More »

Scroll to Top