General Security News
-
North Korea Hackers Using New "Dolphin" Backdoor to Spy on South Korean Targets
The North Korea-linked ScarCruft group has been attributed to a previously undocumented backdoor called Dolphin that the threat actor has used...
-
Researchers Find a Way Malicious NPM Libraries Can Evade Vulnerability Detection
New findings from cybersecurity firm JFrog show that malware targeting the npm ecosystem can evade security checks by taking advantage of an...
-
This Malicious App Abused Hacked Devices to Create Fake Accounts on Multiple Platforms
A malicious Android SMS application discovered on the Google Play Store has been found to stealthily harvest text messages with the goal of...
-
3 New Vulnerabilities Affect OT Products from German Festo and CODESYS Companies
Researchers have disclosed details of three new security vulnerabilities affecting operational technology (OT) products from CODESYS and Festo that...
-
Chinese Cyber Espionage Hackers Using USB Devices to Target Entities in Philippines
A threat actor with a suspected China nexus has been linked to a set of espionage attacks in the Philippines that primarily relies on USB devices...
-
New Flaw in Acer Laptops Could Let Attackers Disable Secure Boot Protection
Acer has released a firmware update to address a security vulnerability that could be potentially weaponized to turn off UEFI Secure Boot on...
-
Dell, HP, & Lenovo System Found Using Outdated OpenSSL Cryptographic Library
The cybersecurity researchers at Binarly recently discovered that outdated versions of the OpenSSL cryptographic library are still being used by...
-
CISA Warns of Actively Exploited Critical Oracle Fusion Middleware Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical flaw impacting Oracle Fusion Middleware to its Known...
-
Researchers Detail AppSync Cross-Tenant Vulnerability in Amazon Web Services
Amazon Web Services (AWS) has resolved a cross-tenant vulnerability in its platform that could be weaponized by an attacker to gain unauthorized...
-
The 5 Cornerstones for an Effective Cyber Security Awareness Training
It's not news that phishing attacks are getting more complex and happening more often. This year alone, APWG reported a record-breaking total of...
-
Chrome Zero-Day Bug Actively Exploited in the Wild – Google Emergency Update!
The eighth zero-day vulnerability used in attacks this year has been fixed by Google in an emergency security upgrade for the desktop version of...
-
Operation HAECHI III – INTERPOL Arrested 1000 Cyber Criminals & Seized $130 Million
Recently, there have been almost 1000 arrests made as a result of a police operation conducted by INTERPOL in an attempt to combat online fraud....