Banking Sector Targeted in Open-Source Software Supply Chain Attacks
Cybersecurity researchers said they have discovered what they say are the first open-source software supply chain attacks specifically targeting the banking sector. “These attacks showcased advanced techniques, including targeting specific components in web assets of the victim bank by attaching malicious functionalities to it,” Checkmarx said in a report published last week. “The attackers
VirusTotal issues apology for recent sensitive data leak
By Habiba Rashid. The incident, first reported by The STANDARD, an Austrian news outlet. This is a post from HackRead.com.
10 Essential Cybersecurity Tips for Small Businesses
By Owais Sultan. This article presents ten essential cybersecurity tips tailored specifically for small businesses. So let’s get to it! In… This is a post from HackRead.com.
Phishers Exploiting Google Docs to Harvest Crypto Credentials
By Deeba Ahmed. The phishing campaign has been dubbed BEC 3.0 by researchers. This is a post from HackRead.com.
Apple Threatens to Pull iMessage and FaceTime from U.K. Amid Surveillance Demands
Apple has warned that it would rather stop offering iMessage and FaceTime services in the U.K. than bow to government pressure in response to new proposals that seek to expand digital surveillance powers available to state intelligence agencies. The development, first reported by BBC News, makes the iPhone maker the latest to join the chorus of […]
CISA: You’ve got two weeks to patch Citrix NetScaler vulnerability CVE-2023-3519
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical unauthenticated remote code execution (RCE) vulnerability in Citrix NetScaler ADC and Citrix NetScaler Gateway to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by August 9, 2023 to […]
Estée Lauder targeted by Cl0p and BlackCat ransomware groups
Estée Lauder is currently at the heart of a compromise storm, revealing a major security issue via a Securities and Exchange Commission (SEC) filing on Tuesday. Although no detailed explanation of what has taken place is given, there is confirmation that an attack allowed access to some systems and involved potential data exfiltration. Meanwhile, two ransomware […]
Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks
By Habiba Rashid. In the interconnected world of web development, open-source components play a vital role, facilitating collaboration and code sharing… This is a post from HackRead.com.
Roblox Data Breach: PII of Thousands of Developers Stolen
By Waqas. It turns out that Roblox suffered a data breach in 2021, but the company only revealed its details this week. This is a post from HackRead.com.
HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software
A new variant of AsyncRAT malware dubbed HotRat is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office. “HotRat malware equips attackers with a wide array of capabilities, such as stealing login credentials, cryptocurrency wallets, screen capturing, keylogging, installing more malware, and