U.S. Government Agencies’ Emails Compromised in China-Backed Cyber Attack
An unnamed Federal Civilian Executive Branch (FCEB) agency in the U.S. detected anomalous email activity in mid-June 2023, leading to Microsoft’s discovery of a new China-linked espionage campaign targeting two dozen organizations. The details come from a joint cybersecurity advisory released by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation
New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products
SonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information. Of the 15 shortcomings (tracked from CVE-2023-34123 through […]
Update now! Microsoft patches a whopping 130 vulnerabilities
It’s that time of the month again. For the July 2023 Patch Tuesday, Microsoft has issued security updates for 130 vulnerabilities. Nine of the vulnerabilities are rated as critical and four of them are known to be actively exploited. The Cybersecurity & Infrastructure Security Agency (CISA) has already added these four vulnerabilities to the catalog […]
How to secure your business before going on vacation
For many, the summer months should be a time of peace: Maybe taking some vacation, maybe strolling across warm, soft sands as sapphire waves lap up against your feet, maybe even spending time with family (that you like). But for determined cybercriminals, these periods of near-universal rest and relaxation are actually moments of attack. In […]
Exploitable Flaws in QuickBlox Framework Expose Millions of User Records
By Deeba Ahmed The flaws were discovered while examining an intercom mobile application from Israeli vendor Rozcom, which is based on the QuickBlox framework. This is a post from HackRead.com Read the original post: Exploitable Flaws in QuickBlox Framework Expose Millions of User Records
New Attack Drops LokiBot Malware Via Malicious Macros in Word Docs
By Waqas LokiBot, a notorious Trojan active since 2015, specializes in stealing sensitive information from Windows machines, posing a significant threat to user data. This is a post from HackRead.com Read the original post: New Attack Drops LokiBot Malware Via Malicious Macros in Word Docs
Chinese Group Storm-0558 Hacked European Govt Emails, Microsoft
By Waqas Microsoft has exposed and halted an intrusion campaign by a China-based threat actor, Storm-0558. This is a post from HackRead.com Read the original post: Chinese Group Storm-0558 Hacked European Govt Emails, Microsoft
Oxeye warns of SSRF Vulnerability in Owncast, SQL Injection Flaws in EaseProbe
By Waqas Owncase is a self-hosted live video streaming software, while EaseProbe is a lightweight and standalone health status checking tool. This is a post from HackRead.com Read the original post: Oxeye warns of SSRF Vulnerability in Owncast, SQL Injection Flaws in EaseProbe
Big Head Ransomware Found in Malvertising and Fake Windows Updates
By Deeba Ahmed The Big Head ransomware samples were discovered in the US, France, Spain, and Turkey. This is a post from HackRead.com Read the original post: Big Head Ransomware Found in Malvertising and Fake Windows Updates
Ransomware Extortion Skyrockets in 2023, Reaching $449.1 Million and Counting
Ransomware has emerged as the only cryptocurrency-based crime to grow in 2023, with cybercriminals extorting nearly $175.8 million more than they did a year ago, according to findings from Chainalysis. “Ransomware attackers are on pace for their second-biggest year ever, having extorted at least $449.1 million through June,” the blockchain analytics firm said in a midyear crypto […]