A new campaign tracked as “Dev Popper” is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). […]
Severe Flaws Disclosed in Brocade SANnav SAN Management Software
Several security vulnerabilities disclosed in Brocade SANnav storage area network (SAN) management application could be exploited to compromise susceptible appliances.
The 18 flaws impact all versions up to and including 2.3.0, according to independent security researcher Pierre Barre, who discovered and reported them.
The issues range from incorrect firewall rules,
The 18 flaws impact all versions up to and including 2.3.0, according to independent security researcher Pierre Barre, who discovered and reported them.
The issues range from incorrect firewall rules,
10 Critical Endpoint Security Tips You Should Know
In today’s digital world, where connectivity is rules all, endpoints serve as the gateway to a business’s digital kingdom. And because of this, endpoints are one of hackers’ favorite targets.
According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT
According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT
New ‘Brokewell’ Android Malware Spread Through Fake Browser Updates
Fake browser updates are being used to push a previously undocumented Android malware called Brokewell.
“Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware,” Dutch security firm ThreatFabric said in an analysis published Thursday.
The malware is said to be in active development,
“Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware,” Dutch security firm ThreatFabric said in an analysis published Thursday.
The malware is said to be in active development,
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack
Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation.
The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices. It has been addressed in
The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices. It has been addressed in
Kaiser Permanente: Data breach may impact 13.4 million patients
Healthcare service provider Kaiser Permanente disclosed a data security incident that may impact 13.4 million people in the United States. […]
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers.
The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.
“This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as
The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.9.2.0.
“This vulnerability, a SQL injection (SQLi) flaw, poses a severe threat as
FBI warns against using unlicensed crypto transfer services
The FBI has warned today that using unlicensed cryptocurrency transfer services can result in financial loss if these platforms are taken down by law enforcement. […]
LA County Health Services: Patients’ data exposed in phishing attack
The L.A. County’s Department of Health Services, the second-largest public health care system in the United States, disclosed a data breach after patients’ personal and health information was exposed in a data breach resulting from a recent phishing attack impacting over two dozen employees. […]
Researchers sinkhole PlugX malware server with 2.5 million unique IPs
Researchers have sinkholed a command and control server for a variant of the PlugX malware and observed in six months more than 2.5 million connections from unique IP addresses. […]