A Chinese cyber-espionage group breached the Dutch Ministry of Defence last year and deployed malware on compromised devices, according to the Military Intelligence and Security Service (MIVD) of the Netherlands. […]
Data breach at French healthcare services firm puts millions at risk
French healthcare services firm Viamedis suffered a cyberattack that exposed the data of policyholders and healthcare professionals in the country. […]
JetBrains warns of new TeamCity auth bypass vulnerability
JetBrains urged customers today to patch their TeamCity On-Premises servers against a critical authentication bypass vulnerability that can let attackers take over vulnerable instances with admin privileges. […]
Google says spyware vendors behind most zero-days it discovers
Commercial spyware vendors (CSV) were behind 80% of the zero-day vulnerabilities Google’s Threat Analysis Group (TAG) discovered in 2023 and used to spy on devices worldwide. […]
Verizon insider data breach hits over 63,000 employees
Verizon Communications is warning that an insider data breach impacts almost half its workforce, exposing sensitive employee information. […]
Beware: Fake Facebook Job Ads Spreading ‘Ov3r_Stealer’ to Steal Crypto and Credentials
Threat actors are leveraging bogus Facebook job advertisements as a lure to trick prospective targets into installing a new Windows-based stealer malware codenamed Ov3r_Stealer.
“This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors,” Trustwave SpiderLabs said in a report shared with The Hacker News.
Ov3r_Stealer
“This malware is designed to steal credentials and crypto wallets and send those to a Telegram channel that the threat actor monitors,” Trustwave SpiderLabs said in a report shared with The Hacker News.
Ov3r_Stealer
Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services
Three new security vulnerabilities have been discovered in Azure HDInsight’s Apache Hadoop, Kafka, and Spark services that could be exploited to achieve privilege escalation and a regular expression denial-of-service (ReDoS) condition.
“The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie,” Orca security
“The new vulnerabilities affect any authenticated user of Azure HDInsight services such as Apache Ambari and Apache Oozie,” Orca security
CISA Announces Renewal of the Information and Communications Technology Supply Chain Risk Management Task Force
How a $10B Enterprise Customer Drastically Increased their SaaS Security Posture with 201% ROI by Using SSPM
SaaS applications are the darlings of the software world. They enable work from anywhere, facilitate collaboration, and offer a cost-effective alternative to owning the software outright. At the same time, the very features that make SaaS apps so embraced – access from anywhere and collaboration – can also be exploited by threat actors.
Recently, Adaptive Shield commissioned a Total Economic
Recently, Adaptive Shield commissioned a Total Economic
Hackers Exploit Job Boards in APAC, Steal Data of Millions of Job Seekers
Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data.
Singapore-headquartered Group-IB said the hacking crew’s activities are geared towards job search platforms and the theft of resumes, with as many as 65
Singapore-headquartered Group-IB said the hacking crew’s activities are geared towards job search platforms and the theft of resumes, with as many as 65