General Security News
-
StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one...
-
Okta's Recent Customer Support Data Breach Impacted 134 Customers
Identity and authentication management provider Okta on Friday disclosed that the recent support case management system breach affected 134 of its...
-
SaaS Security is Now Accessible and Affordable to All
This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique “freemium” model Securing employees'...
-
Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately...
-
Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover
As many as 34 unique vulnerable Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers could be exploited by non-privileged threat...
-
Hackers Deliver Malicious DLL Files Chained With Legitimate EXE Files
Hackers opt for DLL hijacking as a technique to exploit vulnerable applications because it allows them to load malicious code by tricking a...
-
CitrixBleed Flaw Widely Exploited, Primarily by a Ransomware Gang
At the end of October, AssetNote released a proof-of-concept for the CVE-2023–4966 associated with sensitive information disclosure for Citrix...
-
F5 Warns of Active Attacks Targeting BIG-IP SQL injection vulnerability
F5 Networks has issued a security alert about a severe vulnerability in its BIG-IP Configuration utility, identified as CVE-2023-46748. This...
-
Researchers Expose Prolific Puma's Underground Link Shortening Service
A threat actor known as Prolific Puma has been maintaining a low profile and operating an underground link shortening service that's offered to...
-
Hands on Review: LayerX's Enterprise Browser Security Extension
The browser has become the main work interface in modern enterprises. It’s where employees create and interact with data, and how they access...
-
Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East
A threat actor affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been observed waging a sophisticated cyber espionage...
-
Atlassian Urged Customers to Fix Critical Confluence Security Flaw Right Away!
Atlassian has been reported with a critical vulnerability in their Confluence Software, which several organizations have widely adopted. The...