A major vulnerability impacting a large chunk of the Linux ecosystem has been patched today in Sudo, an app that allows admins to delegate limited root access to other users.
"This incident is related to Accellion software used by ASIC to transfer files and attachments," the corporate regulator said in a notice posted on the evening before a public holiday.
Cybercriminals will often use brute-force attacks, phishing emails, and existing data dumps to break into corporate networks but there is one area that is often ignored to a company's detriment: ghost accounts.
Google said that a North Korean government hacking group has targeted members of the cyber-security community engaging in vulnerability research. The attacks have been spotted by the Google Threat Analysis Group (TAG).
Dutch police have arrested two individuals for allegedly selling data from the health ministry's COVID-19 systems on the criminal underground. The accused had advertised the stolen data on instant messaging apps like Telegram, Snapchat, and Wickr.
Analyzed in a report published last week by security firm Zscaler, the company said this new threat is a variant of an older botnet named SystemdMiner, first seen in early 2019.
The leaked data includes real names, emails, location details, body details, dating preferences, marital status, hashed passwords, Facebook user IDs, Facebook authentication tokens, and IP addresses.
Networking device maker SonicWall has disclosed that it is investigating a security breach of its internal network after detecting what it described as a "coordinated attack."
The Russian government has issued a security alert warning Russian businesses of potential cyberattacks launched by the United States in response to the SolarWinds incident.
The hackers behind the ransomware attack on the Scottish Environment Protection Agency (SEPA) have published thousands of stolen files after the organisation refused to pay the ransom.
Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.