General Security News
-
Cisco Switch Flaw Let Attack Reads Encrypted Traffic
The Cisco ACI Multi-Site CloudSec encryption feature of the Cisco Nexus 9000 Series switches contains a critical flaw that enables attackers to...
-
Iranian Hackers' Sophisticated Malware Targets Windows and macOS Users
The Iranian nation-state actor known as TA453 has been linked to a new set of spear-phishing attacks that infect both Windows and macOS operating...
-
Surviving the 800 Gbps Storm: Gain Insights from Gcore's 2023 DDoS Attack Statistics
Gcore Radar is a quarterly report prepared by Gcore that provides insights into the current state of the DDoS protection market and cybersecurity...
-
Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability
Details have emerged about a newly identified security flaw in the Linux kernel that could allow a user to gain elevated privileges on a target...
-
TeamsPhisher Tool Exploits Microsoft Teams Flaw to Send Malware to Users
US Navy, one of the red team members, recently released “TeamsPhisher,” a tool that exploits the Microsoft Teams’ security flaw that is not fixed...
-
ChatGPT Disables the Browsing Feature as it Bypasses Paywalls on Websites
OpenAI recently disabled ChatGPT’s Bing browsing due to user discovery of its paywall-bypassing potential, commonly employed by news outlets to...
-
Firefox, ESR, and Thunderbird Memory Safety Bugs Could Allow Unauthorized Code Execution
Firefox has released patches for some of its high and moderate vulnerabilities in Firefox, ESR (Extended Support Release), and Thunderbird...
-
RedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom Sectors
A sophisticated stealer-as-a-ransomware threat dubbed RedEnergy has been spotted in the wild targeting energy utilities, oil, gas, telecom, and...
-
Secrets, Secrets Are No Fun. Secrets, Secrets (Stored in Plain Text Files) Hurt Someone
Secrets are meant to be hidden or, at the very least, only known to a specific and limited set of individuals (or systems). Otherwise, they aren't...
-
Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware
The npm registry for the Node.js JavaScript runtime environment is susceptible to what's called a manifest confusion attack that could potentially...
-
How to Boost Cybersecurity in Your E-commerce Business
Being a business owner has unquestionably many perks. However, there are plenty of hazards as well. Criminals often target businesses of all sizes...
-
Mediatek Security Flaws Affecting Smartphones, Tablets, Wi-Fi, and Other Chipsets
The July 2023 Product Security Bulletin from Taiwanese chipmaker MediaTek describes security flaws impacting MediaTek chipsets for smartphones,...