Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their game up a notch to get around those blocks. Part of the challenge is to coordinate the defensive abilities of disparate security tools, even as organizations have limited resources and a dearth of
Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan
The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group’s Pegasus spyware, according to joint findings from Access Now and the Citizen Lab.
Nine of the 35 individuals have been publicly confirmed as targeted, out of whom had their devices compromised with the mercenary
Nine of the 35 individuals have been publicly confirmed as targeted, out of whom had their devices compromised with the mercenary
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico.
The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report published last week.
Propagated via phishing mails, Mispadu is a Delphi-based information stealer
The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 said in a report published last week.
Propagated via phishing mails, Mispadu is a Delphi-based information stealer
Microsoft is bringing the Linux sudo command to Windows Server
Microsoft is bringing the Linux ‘sudo’ feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications. […]
Leaky Vessels flaws allow hackers to escape Docker, runc containers
Four vulnerabilities collectively called “Leaky Vessels” allow hackers to escape containers and access data on the underlying host operating system. […]
Clorox says cyberattack caused $49 million in expenses
Clorox has confirmed that a September 2023 cyberattack has so far cost the company $49 million in expenses related to the response to the incident. […]
Check if you’re in Google Chrome’s third-party cookie phaseout test
Google has started testing the phasing out of third-party cookies on Chrome, affecting about 1% of its users or approximately 30 million people. Learn how to check if you are part of the initial test. […]
Mastodon vulnerability allows attackers to take over accounts
Mastodon, the free and open-source decentralized social networking platform, has fixed a critical vulnerability that allows attackers to impersonate and take over any remote account. […]
U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) announced sanctions against six officials associated with the Iranian intelligence agency for attacking critical infrastructure entities in the U.S. and other countries.
The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin
The officials include Hamid Reza Lashgarian, Mahdi Lashgarian, Hamid Homayunfal, Milad Mansuri, Mohammad Bagher Shirinkar, and Reza Mohammad Amin
Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account
The decentralized social network Mastodon has disclosed a critical security flaw that enables malicious actors to impersonate and take over any account.
“Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account,” the maintainers said in a terse advisory.
The vulnerability, tracked as CVE-2024-23832, has a severity rating of 9.4 out of
“Due to insufficient origin validation in all Mastodon, attackers can impersonate and take over any remote account,” the maintainers said in a terse advisory.
The vulnerability, tracked as CVE-2024-23832, has a severity rating of 9.4 out of