Users of Zoom on Macs Told to Update App as Company Issues Security Fix

Zoom disclosed the details about the sensitive security gaps that were affecting both the standard and IT admin versions of the application. The bugs could be exploited in Zoom’s update process.

Secure Boot Bypass Flaws Affect Bootloaders of Many Devices Made in Past Decade

Secure Boot is a mechanism designed to protect a device’s boot process from attacks, and bypassing it can allow an attacker to execute arbitrary code before the operating system loads.

Hackers Attack U.K Water Supplier But Extort Wrong Company

South Staffordshire Water, which is a source of drinking water to 1.6 consumers, suffered IT disruption from a cyberattack. However, the safety and water distribution systems are still operational.

Microsoft Shuts Down Accounts Linked to Russian Spies

The criminals make contact with their targets via email, and for this, they register new accounts with different consumer email providers, and they use email addresses or alias designed to look like a legitimate person.

Russian State Hackers Continue to Attack Ukrainian Entities with Infostealer Malware

The Russian Gamaredon actor has been found using the GammaLoad.PS1 delivery chain against Ukrainian entities to steal files and credentials. The attacker group was recently linked to a similar series of social engineering attacks.

Chinese Cyberspies Use Supply Chain Attack to Deliver Windows, macOS Malware

China-backed Iron Tiger APT compromised the servers of MiMi – an instant messaging application available on Windows, macOS, Android, and iOS chat applications, for a supply chain attack.

BharatPay Data Breach: Personal data, Transaction Details of 37,000 Users Leaked Online - ET CISO

BharatPay, an Indian finance service, leaked PII and sensitive financial data of users. Researchers found that transaction data and API keys of online bill payment facilitators such as Patchway Recharge and Mr. Robotics were also exposed.

Microsoft Warns About Phishing Attacks by Russia-linked Hackers

Microsoft has reportedly dismantled phishing operations by a highly persistent threat actor. Researchers have spotted SEABORGIUM intrusions that abuse OneDrive to host PDF files that contain a link to the malicious URL.

Software Patches Flaw on macOS Could Let Hackers Bypass All Security Levels

A macOS bug in its software update system could allow attackers to access all files on Mac devices. A generic process injection vulnerability can be used to escape the sandbox, elevate privileges to root and to bypass SIP’s filesystem restrictions.

Credential Theft Is (Still) A Top Attack Method

We're creating a potential gateway for a bad actor to exploit every time we create a password that leads to a critical resource, whether that password is meant for an internal or external user.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags