Mastodon Social Network Patches Critical Flaws Allowing Server Takeover
Mastodon, a popular decentralized social network, has released a security update to fix critical vulnerabilities that could expose millions of users to potential attacks. Mastodon is known for its federated model, consisting of thousands of separate servers called “instances,” and it has over 14 million users across more than 20,000 instances. The most critical vulnerability, […]
Global Translation Service Exposed Highly Sensitive Records Online
By Waqas The company behind the database mess-up is Kings of Translation, a US-based “premium translation service provider.” This is a post from HackRead.com Read the original post: Global Translation Service Exposed Highly Sensitive Records Online
Close Security Gaps with Continuous Threat Exposure Management
CISOs, security leaders, and SOC teams often struggle with limited visibility into all connections made to their company-owned assets and networks. They are hindered by a lack of open-source intelligence and powerful technology required for proactive, continuous, and effective discovery and protection of their systems, data, and assets. As advanced threat actors constantly search for […]
BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days
Ransomware attacks are a major problem for organizations everywhere, and the severity of this problem continues to intensify. Recently, Microsoft’s Incident Response team investigated the BlackByte 2.0 ransomware attacks and exposed these cyber strikes’ terrifying velocity and damaging nature. The findings indicate that hackers can complete the entire attack process, from gaining initial access
What is an incident response plan (IRP) and how effective is your incident response posture?
As everyone looks about, sirens begin to sound, creating a sense of urgency; they only have a split second to determine what to do next. The announcer repeats himself over the loudspeaker in short bursts… This is not a drill; report to your individual formations and proceed to the allocated zone by following the numbers […]
Google Releases Android Patch Update for 3 Actively Exploited Vulnerabilities
Google has released its monthly security updates for the Android operating system, addressing 46 new software vulnerabilities. Among these, three vulnerabilities have been identified as actively exploited in targeted attacks. One of the vulnerabilities tracked as CVE-2023-26083 is a memory leak flaw affecting the Arm Mali GPU driver for Bifrost, Avalon, and Valhall chips. This […]
JumpCloud Resets API Keys Amid Ongoing Cybersecurity Incident
JumpCloud, a provider of cloud-based identity and access management solutions, has swiftly reacted to an ongoing cybersecurity incident that impacted some of its clients. As part of its damage control efforts, JumpCloud has reset the application programming interface (API) keys of all customers affected by this event, aiming to protect their valuable data. The company […]
Warning issued over vulnerability in cardiac devices
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability that could result in remote code execution or a denial-of-service (DoS) condition impacting a healthcare delivery organization’s Paceart Optima system. Paceart Optima is a software application that runs on a healthcare delivery organization’s Windows server. The application collects, stores, and can […]
Update Android now! Google patches three actively exploited zero-days
In July’s update for the Android operating system (OS), Google has patched 43 vulnerabilities, three of which are actively exploited zero-day vulnerabilities. The security bulletin notes that there are indications that these three vulnerabilities may be under limited, targeted exploitation. If your Android phone is at patch level 2023-07-05 or later then the issues discussed […]
China-Linked Spyware Found in Google Play Store Apps, 2m Downloads
By Waqas Mobile security solutions provider Pradeo’s security researchers have shared details of the spyware they discovered hiding on the… This is a post from HackRead.com Read the original post: China-Linked Spyware Found in Google Play Store Apps, 2m Downloads