Latest Cybersecurity News and Articles

VMware patches critical auth bypass flaw in multiple products

VMware warned customers today to immediately patch a critical authentication bypass vulnerability "affecting local domain users" in multiple products that can be exploited to obtain admin privileges.

Chaos Ransomware Variant Sides with Russia

Such actions have created tension internally within the threat actor groups as it has caused dissension, and externally, as organizations fear being targeted due to the political nature of the war.

Cybersecurity pros spend hours on issues that should have been prevented

In a survey commissioned by Invicti, some 41% of the security professionals and 32% of the developers surveyed said they spend more than five hours each workday addressing security issues that should not have occurred in the first place.

Over 380,000 Kubernetes API Servers Exposed to Internet: Shadowserver

ShadowServer is conducting daily scans of the IPv4 space on ports 443 and 6443, looking for IP addresses that respond with an HTTP 200 OK status, which indicates that the request has succeeded.

The Vulnerable Maritime Supply Chain - a Threat to the Global Economy

The merchant maritime sector functions with vessels that have been operational for anything from a few years to a few decades. The older vessels have had new technology added to improve efficiency through digitization and automation.

Data of 22.5 Million Malaysians Born 1940-2004 Allegedly Being Sold for $10,000

The alleged data leak involves information purportedly stolen from the National Registration Department (NRD). Local tech portal Amanz reported that the database, 160GB in size, is being sold for US$10,000 (S$13,846) on the dark web.

Bangladesh Added to Targets in Bitter APT’s Ongoing Campaign

Bangladesh Added to Targets in Bitter APT’s Ongoing Campaign - Cybersecurity news
Cisco Talos revealed an ongoing campaign operated by the APT actor since August 2021. The campaign has been launched against an elite unit of the Bangladeshi government via spear-phishing emails.

Hackers Gain Fileless Persistence on Targeted SQL Servers Using Built-in Utility

The intrusions, which leverage brute-force attacks as an initial compromise vector, stand out for their use of the utility "sqlps.exe," the tech giant said in a series of tweets.

Override Panda Targets South Asia in New Espionage Campaign

Override Panda Targets South Asia in New Espionage Campaign - Cybersecurity news
Chinese APT Override Panda, aka Naikon, was found launching new phishing attacks to collect intelligence from ASEAN members to steal sensitive data. The recent campaign uses a weaponized Office document to start the infection kill chain. Organizations are suggested to focus on protecting their sens ... Read More

Wizard Spider Hackers Hire Cold Callers to Scare Ransomware Victims Into Paying Up

PRODAFT says that Wizard Spider focuses on compromising enterprise networks and "has a significant presence in almost every developed country in the world, and many emerging economies as well."

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags