Beware: Cisco dials up warning on software vulnerability Cisco has found attempts to exploit a vulnerability in its IOS Software and IOS XE Software. The vulnerability, tracked as CVE-2023-20109, has a CVSS score of 6.6 and is considered medium severity. All versions of the software with the GDOI or G-IKEv2 protocol enabled are impacted. Dialling
Read More
Thieves in the Codehouse: Github Accounts Hijacked in New Malicious Campaign Here are the key takeaways: – A new malicious campaign is hijacking GitHub accounts and inserting malicious code. – The cunning culprits disguise this code as Dependabot contributions. – The objective is to pilfer passwords from unsuspecting developers. – This hazardous code exports the
Read More
Summary: Cybersecurity agencies in Japan and U.S. warn of attacks by Chinese state-backed hacking group. The group, known as BlackTech, is accused of tampering with branch routers to infiltrate networks . This ongoing threat creates a cybersecurity concern in both corporate and national security. A Proactive Warning from U.S and Japanese Cybersecurity Agencies Grab your
Read More
Changing Tides in Browser Security Main Points: The landscape of browser security has evolved substantially in the past decade. Once considered a gold standard, Browser Isolation is less effective in today’s SaaS-centric world. Browser Isolation limitations include degraded browser performance and inability to address evolving threats. Browser Security: An Evolution Story Remember when “Spy vs
Read More
– The China-linked threat actor Budworm is behind a recent spate of cyber-attacks on government and telecom entities. – The threats were launched against a Middle Eastern telecommunications company and an Asian government. – These attacks took place in August 2023. – Budworm employed the use of an advanced version of its SysUpdate toolkit. –
Read More
Google Attends to New Actively Exploited Zero-Day in Chrome Browser Main Points: Google has launched fixes for a newly found active zero-day in the Chrome browser. The vulnerability, identified as CVE-2023-5217, is a high-risk issue. This bug is a heap-based buffer overflow in the VP8 compression format in libvpx. Buffer overflow flaws like this one
Read More
AtlasCross Phishing Lures with a Twist of Red Cross Spice – The new threat actor AtlasCross uses Red Cross-themed phishing lures to deliver two unlisted backdoors – DangerAds and AtlasAgent. – AtlasCross, renowned for its high technical level and cautious attack attitude, has been labelled by NSFOCUS Security Labs as strikingly targeted. – The captured
Read More
GPU.zip: A New Side-channel Attack Throttles Graphics Processors – Researchers identify new side-channel attack called GPU.zip that threatens most modern GPUs. – The attack leverages data compression optimization embedded in virtually all GPUs. – The research team hailed from prominent academic institutions including the University of Texas at Austin, Carnegie Mellon University and more. –
Read More
Summary of Data Security Woes: The High Price of Cybercrime Main Takeaways Data security often makes headlines due to major breaches. New hacking methods threaten supposedly secure data. Despite being costly to prevent, cybercrimes like data breaches, ransomware, and malware attacks are even more expensive when they occur. Costly Consequences of Cyber Breaches Put on
Read More
New ZenRAT Malware Trots Its Way Through Bogus Bitwarden Installs Main Points A new strain of malware dubbed ZenRAT is lumbering about in the digital wilderness. If you click the wrong links, you could find yourself in a good bit of trouble. The tricky part? This new baddie is luring unsuspecting victims through fake installation
Read MoreNo products in the cart.