General Security News
-
Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors
Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023,...
-
Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems
A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat...
-
Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years
A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as...
-
Hackers Attack Facebook Business Users Aggressively to Steal Login Credentials
A new and highly concerning cyber threat has emerged, as a botnet known as “MrTonyScam” has been orchestrating an extensive Messenger phishing...
-
ReconAIzer: OpenAI-based Extension for Burp Suite
Burp Suite, the renowned Bug Bounty Hunting and Web Application Penetration Testing tool, has been improvised with many extensions over the years....
-
Weaponized Free Download Manager for Linux Steals System Data & Passwords
In recent years, Linux systems gained prominence among diverse threat actors, with more than 260,000 unique samples emerging in H1 2023. In the...
-
Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints
Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated...
-
Researchers Detail 8 Vulnerabilities in Azure HDInsight Analytics Service
More details have emerged about a set of now-patched cross-site scripting (XSS) flaws in the Microsoft Azure HDInsight open-source analytics...
-
Webinar: Identity Threat Detection & Response (ITDR) – Rips in Your Identity Fabric
In today's digital age, SaaS applications have become the backbone of modern businesses. They streamline operations, enhance productivity, and...
-
Windows Arbitrary File Deletion Vulnerability Leads to Full System Compromise
Threat actors were using Windows Arbitrary File Deletion to perform Denial-of-service attacks on systems affected by this vulnerability. However,...
-
New Sponsor Malware Attacking Government & Healthcare Organizations
The Ballistic Bobcat is an Iran-aligned APT group, and initially, about two years ago, cybersecurity researchers at ESET tracked this threat...
-
Top 10 SaaS Security Checklist in 2023
Software as a Service (SaaS) security refers to the measures and practices employed to protect SaaS solutions’ data, applications, and...