[ad_1] CISA adds JetBrains TeamCity and Windows flaws to its Known Exploited Vulnerabilities catalog Pierluigi Paganini October 05, 2023 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the JetBrains TeamCity flaw CVE-2023-42793 (CVSS score: 9.8) and Windows bug CVE-2023-28229 (CVSS score: 7.0) to its Known Exploited... Continue reading
Return to previous page
Page 145
[ad_1] Security researchers from the Qualys Threat Research Unit (TRU) have uncovered a new buffer overflow vulnerability within the GNU C Library’s dynamic loader, shedding light on this flaw’s potential risks to Linux distributions. The vulnerability in question affects the processing of the GLIBC_TUNABLES environment... Continue reading
[ad_1] Apple fixed the 17th zero-day flaw exploited in attacks Pierluigi Paganini October 04, 2023 Apple released emergency security updates to address a new actively exploited zero-day vulnerability impacting iPhone and iPad devices. Apple released emergency security updates to address a new zero-day vulnerability, tracked as... Continue reading
[ad_1] Banking security firm ThreatFabric has found evidence that LightSpy, an iPhone spyware discovered in 2020, is more sophisticated than previously reported and could be linked to the infamous Chinese-sponsored threat group APT41. During the investigation, ThreatFabric researchers discovered new features in the LightSpy malware.... Continue reading
[ad_1] The potential for cybercriminals to use AI chatbots to create phishing campaigns has been cause for concern and now it has been found to be almost impossible to detect AI-generated phishing emails, according to email security provider Egress. AI detectors cannot tell whether a... Continue reading
[ad_1] WS_FTP flaw CVE-2023-40044 actively exploited in the wild Pierluigi Paganini October 02, 2023 Experts warn of threat actors actively exploiting CVE-2023-40044 flaw in recently disclosed flaw in Progress Software’s WS_FTP products. Progress Software recently warned customers to address a critical severity vulnerability, tracked as CVE-2023-40044 (CVSS... Continue reading
[ad_1] Zscaler ThreatLabz has identified a newly emerging Malware-as-a-Service (MaaS) threat known as “BunnyLoader,” available on underground forums. The tool, priced at $250, is actively under development, rapidly evolving with various feature updates and bug fixes. BunnyLoader, primarily coded in C/C++, is a fileless loader... Continue reading
[ad_1] Ransomware attack on Johnson Controls may have exposed sensitive DHS data Pierluigi Paganini October 02, 2023 Experts warn that the recent attack on building automation giant Johnson Controls may have exposed data of the Department of Homeland Security (DHS). Johnson Controls International plc is... Continue reading
[ad_1] The US Federal Bureau of Investigation (FBI) has issued a Private Industry Notification highlighting two concerning trends in the world of ransomware attacks. As of July 2023, the FBI observed a rising occurrence of dual ransomware attacks on the same victim within close date... Continue reading
[ad_1] National Logistics Portal (NLP) data leak: seaports in India were left vulnerable to takeover by hackers Pierluigi Paganini October 02, 2023 The National Logistics Portal (NLP), a newly launched platform to manage all port operations in India, left public access to sensitive data, posing... Continue reading