News • Insights • Analysis
Russia has accused United States intelligence agencies of hacking thousands of iPhones belonging to Russian users and foreign diplomats in the country. Russia’s Federal Security Service (FSB) said on Thursday that it had discovered an “intelligence action” that had compromised Read More …
Progress Software has released a security advisory for a SQL injection vulnerability (CVE-2023-34362) in MOVEit Transfer—a Managed File Transfer Software. A cyber threat actor could exploit this vulnerability to take over an affected system. CISA urgers users and organizations to Read More …
The Federal Bureau of Investigation (FBI), the U.S. Department of State, and the National Security Agency (NSA), together with the Republic of Korea’s National Intelligence Service (NIS), National Police Agency (NPA), and Ministry of Foreign Affairs (MOFA), are jointly issuing Read More …
While monitoring its own corporate Wi-Fi network dedicated for mobile devices using the Kaspersky Unified Monitoring and Analysis Platform (KUMA), Kaspersky researchers noticed suspicious activity that originated from several iOS-based phones. Since it is impossible to inspect modern iOS devices Read More …
Cisco Talos has observed a threat actor deploying a previously unidentified botnet program Talos is calling “Horabot,” which delivers a known banking trojan and spam tool onto victim machines in a campaign that has been ongoing since at least November Read More …
CISA released five Industrial Control Systems (ICS) advisories on June 1, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-152-01 Advantech WebAccess-SCADA ICSA-23-152-02 HID Global SAFE ICSA-22-256-03 Delta Electronics DIAEnergie (Update A) Read Read More …
A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The software bug, tracked as CVE-2023-2868, is a remote-command injection vulnerability that stems from incomplete Read More …
Component supplier Gigabyte has some pressing questions to answer. The first and most pressing is, “Why did you put an updater backdoor into your own motherboard firmware without telling anyone?” The second is, “Why didn’t you lock it down in Read More …
The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS) web servers to gain initial access to corporate networks. Lazarus is primarily financially motivated, with many analysts believing that the Read More …
A group of hackers called Mysterious Team made multiple Senegalese government websites go offline overnight on Friday by hitting them with denial-of-service (DDoS) attacks, a government spokesperson said. The group claimed responsibility for the cyber attacks in a series of Read More …
