General Security News
-
Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
The U.S. National Security Agency (NSA) on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix...
-
New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products
Apple on Tuesday rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could...
-
Malware Strains Targeting Python and JavaScript Developers Through Official Repositories
An active malware campaign is targeting the Python Package Index (PyPI) and npm repositories for Python and JavaScript with typosquatted and fake...
-
Fortinet Warns of Active Exploitation of New SSL-VPN Pre-auth RCE Vulnerability
Fortinet on Monday issued emergency patches for a severe security flaw affecting its FortiOS SSL-VPN product that it said is being actively...
-
Researchers Demonstrate How EDR and Antivirus Can Be Weaponized Against Users
High-severity security vulnerabilities have been disclosed in different endpoint detection and response (EDR) and antivirus (AV) products that...
-
New Technique Discovered To Bypass Web Application Firewalls (WAF) Of Several Vendors
Experts from Industrial and IoT cybersecurity company Claroty developed a generic method for bypassing the web application firewalls (WAF) of a...
-
Cisco IP Phone Vulnerability Let Unauthenticated Attacker Execute Remote Code
Cisco has uncovered a high-severity vulnerability affecting its IP Phone 7800 and 8800 Series, tracked as CVE-2022-20968 (except Cisco Wireless...
-
COVID-bit – A New Secret Channel to Spy Data Over the Air from Air-gapped Systems
Researchers uncovered a new covert channel to steal sensitive information from Air-gapped systems over the air from a distance of 2m. The...
-
Royal Ransomware Threat Takes Aim at U.S. Healthcare System
The U.S. Department of Health and Human Services (HHS) has cautioned of ongoing Royal ransomware attacks targeting healthcare entities in the...
-
Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant
Travel agencies have emerged as the target of a hack-for-hire group dubbed Evilnum as part of a broader campaign aimed at legal and financial...
-
Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls
A new attack method can be used to circumvent web application firewalls (WAFs) of various vendors and infiltrate systems, potentially enabling...
-
North Korean APT37 Hackers Exploited IE Zero-Day Vulnerability Remotely
Researchers from the Google Threat Analysis group uncovered an incident associated with the north Korean APT37 hackers group that they have...