General Security News
-
Toyota Server Misconfiguration Leaks Owners Data for Over Seven Years
The Leak discloses Address, Vehicle Identification Number (VIN), Email address, Phone number, Name, and Vehicle Registration Number. The post...
-
Dark Pink APT Group Compromised 13 Organizations in 9 Countries
Dark Pink has successfully targeted 13 organizations across 9 countries, highlighting the extent of their malicious activities. The post Dark...
-
Hackers Exploit Barracuda Zero-Day Flaw Since 2022 to Install Malware
This vulnerability exists due to improper processing, validation, and sanitization of the names of the files within the user-supplied .tar file....
-
North Korea's Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks
U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors' use of social engineering tactics to...
-
MOVEit Transfer Under Attack: Zero-Day Vulnerability Actively Being Exploited
A critical flaw in Progress Software's in MOVEit Transfer managed file transfer application has come under widespread exploitation in the wild to...
-
Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks
An analysis of the "evasive and tenacious" malware known as QBot has revealed that 25% of its command-and-control (C2) servers are merely active...
-
Critical Jetpack WordPress Flaw Exposes Millions of Website
This vulnerability could be used by authors on a site to manipulate any files in the WordPress installation The post Critical Jetpack WordPress...
-
Shut Down Phishing Attacks – Types, Methods, Detection, Prevention Checklist
In today’s interconnected world, where digital communication and transactions dominate, phishing attacks have become an ever-present threat. By...
-
N. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRAT
Cybersecurity researchers have offered a closer look at the RokRAT remote access trojan that's employed by the North Korean state-sponsored actor...
-
Active Mirai Botnet Variant Exploiting Zyxel Devices for DDoS Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw in Zyxel gear to its Known...
-
Urgent WordPress Update Fixes Critical Flaw in Jetpack Plugin on Million of Sites
WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that’s installed on over five million sites. The...
-
Kali Linux 2023.2 Released – What’s New!
Users of Kali Linux can now upgrade to the 2023.2 version, which has many new features and enhanced capabilities. The post Kali Linux 2023.2...