[ad_1] A malvertising campaign is delivering a new version of the macOS Atomic Stealer Pierluigi Paganini September 07, 2023 Researchers spotted a new malvertising campaign targeting Mac users with a new version of the macOS stealer Atomic Stealer. Malwarebytes researchers have observed a new malvertising... Continue reading
Return to previous page
Page 167
[ad_1] Researchers at Akamai have unearthed a concerning shift in the behavior of dynamically seeded Domain Generation Algorithm (DGA) families within Domain Name System (DNS) traffic data. This discovery reveals how malicious actors are adapting their tactics to prolong the life of their command-and-control (C2)... Continue reading
[ad_1] Apple discloses 2 new actively exploited zero-day flaws in iPhones, Macs Pierluigi Paganini September 07, 2023 Apple rolled out emergency security updates to address two new actively exploited zero-day vulnerabilities impacting iPhones and Macs. The two Apple zero-day vulnerabilities, tracked as CVE-2023-41064 and CVE-2023-41061,... Continue reading
[ad_1] API security company Traceable has unveiled its 2023 State of API Security Report. In collaboration with the Ponemon Institute, the study provides a comprehensive global perspective on the state of API security, exposing critical vulnerabilities and their far-reaching consequences. The report, based on insights... Continue reading
[ad_1] Two flaws in Apache SuperSet allow to remotely hack servers Pierluigi Paganini September 07, 2023 A couple of security vulnerabilities in Apache SuperSet could be exploited by an attacker to gain remote code execution on vulnerable systems. Apache Superset is an open-source Data Visualization and Data... Continue reading
[ad_1] Sensitive patient data may have been accessed following a breach of the Janssen CarePath platform, a subsidiary of pharmaceutical giant Johnson & Johnson. Tech firm IBM, a service provider to Johnson & Johnson Health Care Systems, notified customers of the incident in a statement... Continue reading
[ad_1] Security researchers have uncovered a new covert phishing operation selling sophisticated tools used to target an estimated 56,000 Microsoft 365 accounts in just a 10-month period. Group-IB revealed the existence of the covert W3LL actor in a new report, W3LL Done: Hidden Phishing Ecosystem... Continue reading
[ad_1] Chinese cyberspies obtained Microsoft signing key from Windows crash dump due to a mistake Pierluigi Paganini September 07, 2023 Microsoft revealed that the Chinese group Storm-0558 stole a signing key used to breach government email accounts from a Windows crash dump. In July, Microsoft... Continue reading
[ad_1] A high-severity vulnerability has been discovered in PHPFusion, an open-source content management system (CMS) used by over 15 million websites worldwide to manage and customize their content and designs. The authenticated local file inclusion vulnerability, CVE-2023-2453, could lead to remote code execution (RCE), enabling... Continue reading
[ad_1] A zero-day in Atlas VPN Linux Client leaks users’ IP address Pierluigi Paganini September 06, 2023 Experts warn of an Atlas VPN zero-day flaw impacting the Linux client that can reveal the user’s IP address by visiting a website. A Reddit user with the... Continue reading