The administrator behind the notorious BreachForums hacking forum has been arrested again for breaking pretrial release conditions, including using an unmonitored computer and a VPN. […]
Hackers target Apache RocketMQ servers vulnerable to RCE attacks
Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582. […]
Web3 security firm CertiK’s X account hacked to push crypto drainer
The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company’s more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. […]
SpectralBlur: New macOS Backdoor Threat from North Korean Hackers
Cybersecurity researchers have discovered a new Apple macOS backdoor called SpectralBlur that overlaps with a known malware family that has been attributed to North Korean threat actors.
“SpectralBlur is a moderately capable backdoor that can upload/download files, run a shell, update its configuration, delete files, hibernate, or sleep, based on commands issued from the [
“SpectralBlur is a moderately capable backdoor that can upload/download files, run a shell, update its configuration, delete files, hibernate, or sleep, based on commands issued from the [
Memorial University recovers from cyberattack, delays semester start
The Memorial University of Newfoundland (MUN) continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus. […]
Update your white hat hacking skills with $70 off this training bundle
Aggressively pursuing flaws and problems is the most effective way to ensure networks and data are secure. This 10-course ethical hacking bundle shows you how for $39.99, $70 off the $110 MSRP. […]
Crypto wallet founder loses $125,000 to fake airdrop website
A crypto wallet service co-founder shares with the world his agony after losing $125,000 to a crypto scam. The startup CEO, who at the time believed he was on a legitimate cryptocurrency airdrop website, realized after his loss that the domain he’d went on was setup for the purposes of phishing unsuspecting users. […]
Exposed Secrets are Everywhere. Here’s How to Tackle Them
Picture this: you stumble upon a concealed secret within your company’s source code. Instantly, a wave of panic hits as you grasp the possible consequences. This one hidden secret has the power to pave the way for unauthorized entry, data breaches, and a damaged reputation. Understanding the secret is just the beginning; swift and resolute action becomes imperative. However, lacking the
Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware
Mobile network operator Orange Spain suffered an internet outage for several hours on January 3 after a threat actor used administrator credentials captured by means of stealer malware to hijack the border gateway protocol (BGP) traffic.
“The Orange account in the IP network coordination center (RIPE) has suffered improper access that has affected the browsing of some of our customers,” the
“The Orange account in the IP network coordination center (RIPE) has suffered improper access that has affected the browsing of some of our customers,” the
Alert: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution
Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution that, if successfully exploited, could result in remote code execution (RCE) on susceptible servers.
Tracked as CVE-2023-39336, the vulnerability has been rated 9.6 out of 10 on the CVSS scoring system. The shortcoming impacts EPM 2021 and EPM 2022 prior to SU5.
“If exploited, an
Tracked as CVE-2023-39336, the vulnerability has been rated 9.6 out of 10 on the CVSS scoring system. The shortcoming impacts EPM 2021 and EPM 2022 prior to SU5.
“If exploited, an