General Security News
-
ManageEngine Information Disclosure Flaw Exposes Encryption Keys
ManageEngine, one of the most widely used IT infrastructure management platforms that offers more than 60 Enterprise IT management tools, has been...
-
U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem
U.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known to...
-
CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities...
-
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user...
-
Reptar – A New CPU Vulnerability Affects Intel and AMD CPUs
A critical CPU vulnerability can pose a significant threat by allowing:- Unauthorized access to sensitive data Enabling malicious code...
-
TA402 Group using Weaponized XLL and RAR Files to Deliver Malware
Researchers have discovered a new phishing campaign that targets Middle Eastern and North African Government Entities to deliver a new initial...
-
Hackers Abuse Google Forms to Bypass Anti-spam Filters
Cybersecurity researchers at Talos have discovered that spammers are taking advantage of Google Forms quizzes to disseminate various types of...
-
Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure
Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in...
-
U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty
The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan...
-
New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code...
-
What Does PCI DSS 4.0 Mean for API?
Payment Card Industry Data Security Standard or PCI DSS 4.0 was released in May 2022 by the PCI Security Standards Council (PCI SSC). After...
-
LogShield: A New Framework that Detects the APT Attack Patterns
There have been several cases of GPT model-based detection for various attacks from system logs. However, there has been no dedicated...