General Security News
-
Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar....
-
Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability
F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure that could result in the execution...
-
Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App
The threat actor known as Arid Viper (aka APT-C-23, Desert Falcon, or TAG-63) has been attributed as behind an Android spyware campaign targeting...
-
The Risk of RBAC Vulnerabilities – A Prevention Guide
Role-Based Access Control (RBAC) is a security paradigm focused on assigning system access to users based on their organizational role. It’s a...
-
Hackers Deliver Remcos RAT as Weaponized PDF Payslip Document
AhnLab Security Emergency Response Center (ASEC) has recently revealed a disturbing case of Remcos RAT, a malicious software that can remotely...
-
F-Secure Eyes $9.5M in Cost Savings With Layoffs
F-Secure has recently implemented organizational changes in order to pursue strategic growth initiatives and meet its financial targets. These...
-
Meta Launches Paid Ad-Free Subscription in Europe to Satisfy Privacy Laws
Meta on Monday announced plans to offer an ad-free option to access Facebook and Instagram for users in the European Union (EU), European Economic...
-
Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware
A pro-Hamas hacktivist group has been observed using a new Linux-based wiper malware dubbed BiBi-Linux Wiper, targeting Israeli entities amidst the...
-
New Webinar: 5 Must-Know Trends Impacting AppSec
Modern web app development relies on cloud infrastructure and containerization. These technologies scale on demand, handling millions of daily file...
-
Raven: Open-source CI/CD Pipeline Vulnerability Scanner Tool
Cycode is excited to introduce Raven, a state-of-the-art security scanner for CI/CD pipelines. Raven stands for Risk Analysis and...
-
D-LINK SQL Injection Vulnerability Let Attacker Gain Admin Privileges
A security flaw called SQL injection has been uncovered in the D-Link DAR-7000 device. SQL injection is a malicious attack that exploits...
-
VMware Tools Flaw Let Attackers Escalate Privileges
Two high vulnerabilities have been discovered in VMware Tools, which were assigned with CVE-2023-34057 and CVE-2023-34058 . These...