American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks. […]
European govt air-gapped systems breached using custom malware
An APT hacking group known as GoldenJackal has successfully breached air-gapped government systems in Europe using two custom toolsets to steal sensitive data, like emails, encryption keys, images, archives, and documents. […]
SAP Patches Critical Vulnerability in BusinessObjects
SAP has released 12 new and updated security notes on October 2024 patch day, including one that fixes a critical flaw in BusinessObjects.
The post SAP Patches Critical Vulnerability in BusinessObjects appeared first on SecurityWeek.
Casio reports IT systems failure after weekend network breach
Japanese tech giant Casio has suffered a cyberattack after an unauthorized actor accessed its networks on October 5, causing system disruption that impacted some of its services. […]
SecurityWeek to Offer Industrial Cybersecurity Training in Atlanta on October 21
Premier Industrial Cybersecurity Conference offers 75+ sessions and hands-on training to tackle critical infrastructure cyber threats.
The post SecurityWeek to Offer Industrial Cybersecurity Training in Atlanta on October 21 appeared first on SecurityWeek.
CISA and FBI Warn of Iranian-Backed Cyber Activity to Undermine U.S. Democratic Institutions
Healthcare Organizations Warned of Trinity Ransomware Attacks
The Department of Health and Human Services warns of Trinity ransomware attacks targeting the healthcare sector.
The post Healthcare Organizations Warned of Trinity Ransomware Attacks appeared first on SecurityWeek.
Cyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced Tools
Russian government agencies and industrial entities are the target of an ongoing activity cluster dubbed Awaken Likho.
“The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had previously used to gain remote access to systems,” Kaspersky said, detailing a new campaign that began in June 2024 and continued at least until
“The attackers now prefer using the agent for the legitimate MeshCentral platform instead of the UltraVNC module, which they had previously used to gain remote access to systems,” Kaspersky said, detailing a new campaign that began in June 2024 and continued at least until
Ukrainian Malware Operator Pleads Guilty in US Court
Ukrainian national Mark Sokolovsky has pleaded guilty in a US court to operating the malware named Raccoon Infostealer.
The post Ukrainian Malware Operator Pleads Guilty in US Court appeared first on SecurityWeek.
New Case Study: The Evil Twin Checkout Page
Is your store at risk? Discover how an innovative web security solution saved one global online retailer and its unsuspecting customers from an “evil twin” disaster. Read the full real-life case study here.
The Invisible Threat in Online Shopping
When is a checkout page, not a checkout page? When it’s an “evil twin”! Malicious redirects can send unsuspecting shoppers to these perfect-looking