BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities
The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. The phishing campaign is characterized by the use of legitimate internet services (LIS) for command-and-control (C2) obfuscation, Recorded Future said in
Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches
Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could be exploited by malicious actors to orchestrate data breach incidents and steal confidential data. This includes a specific class of bugs called Insecure Direct Object Reference (IDOR), a type of access control flaw that occurs […]
Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required
Users of Metabase, a popular business intelligence and data visualization software package, are being advised to update to the latest version following the discovery of an “extremely severe” flaw that could result in pre-authenticated remote code execution on affected installations. Tracked as CVE-2023-38646, the issue impacts open-source editions prior to 0.46.6.1 and Metabase Enterprise
Patch now! Ivanti Endpoint Manager Mobile Authentication vulnerability used in the wild
The Cybersecurity and Infrastructure Security Agency (CISA) added one new vulnerability to its Known Exploited Vulnerabilities Catalog affecting Ivanti Endpoint Manager Mobile, based on evidence of active exploitation. All Federal Civilian Executive Branch (FCEB) agencies must remediate this vulnerability by August 15, 2023 to protect their networks against active threats. We urge everyone else to take this […]
Cl0p Ransomware Strikes Deloitte, Company Refutes Breach
By Waqas In a message on its dark web breach blog, Cl0p Ransomware claims that The company (Deloitte) doesn’t care about its customers; it ignored their security. This is a post from HackRead.com Read the original post: Cl0p Ransomware Strikes Deloitte, Company Refutes Breach
Vulnerabilities exposed Peloton treadmills to malware and DoS attacks
By Habiba Rashid Internet-Connected Gym Equipment Raises Concerns Over Security Vulnerabilities! This is a post from HackRead.com Read the original post: Vulnerabilities exposed Peloton treadmills to malware and DoS attacks
Benefits of hiring a Java web application development company
By Owais Sultan Unlocking the Power: Key Benefits of Java and Hiring a Java Web Application Development Company. This is a post from HackRead.com Read the original post: Benefits of hiring a Java web application development company
Black Hat 2023: Understanding Mobile Exploitation Beyond the App – post by LinkCyb
Unveiling the World of Mobile Exploitation: ARM Architecture and Beyond Dinesh Shetty, Director, Security Engineering, Security Innovation Mobile applications are the obvious target for cyber attacks, but a secure application won’t faze a committed cyber adversary. They can exploit any mobile interface—an app, calls to the OS, and background operations. From there, they can easily […]
What your peers want to know before buying a DLP tool
The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. Preventing data loss is a concern for almost every organization, regardless of size, especially organizations with sensitive data. Organizations, now more than ever […]
Iranian Stalkerware ‘Spyhide’ Steals Data from 60,000 Android Devices
By Habiba Rashid So far, Spyhide app collected 3.3 million texts and 1.2 million call logs from compromised Android devices. This is a post from HackRead.com Read the original post: Iranian Stalkerware ‘Spyhide’ Steals Data from 60,000 Android Devices