2024 had its fair share of high-profile cyber attacks, with companies as big as Dell and TicketMaster falling victim to data breaches and other infrastructure compromises. In 2025, this trend will continue. So, to be prepared for any kind of malware attack, every organization needs to know its cyber enemy in advance. Here are 5 common malware families that you can start preparing to counter
Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities
Chrome and Firefox updates released this week resolve high-severity vulnerabilities in the two popular browsers.
The post Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks
A Mirai botnet variant has been found exploiting a newly disclosed security flaw impacting Four-Faith industrial routers since early November 2024 with the goal of conducting distributed denial-of-service (DDoS) attacks.
The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.
The botnet maintains approximately 15,000 daily active IP addresses, with the infections primarily scattered across China, Iran, Russia, Turkey, and the United States.
FCC Launches ‘Cyber Trust Mark’ for IoT Devices to Certify Security Compliance
The U.S. government on Tuesday announced the launch of the U.S. Cyber Trust Mark, a new cybersecurity safety label for Internet-of-Things (IoT) consumer devices.
“IoT products can be susceptible to a range of security vulnerabilities,” the U.S. Federal Communications Commission (FCC) said. “Under this program, qualifying consumer smart products that meet robust cybersecurity standards will bear
“IoT products can be susceptible to a range of security vulnerabilities,” the U.S. Federal Communications Commission (FCC) said. “Under this program, qualifying consumer smart products that meet robust cybersecurity standards will bear
First Android Update of 2025 Patches Critical Code Execution Vulnerabilities
This year’s first batch of monthly security updates for Android resolves 36 vulnerabilities, including critical remote code execution flaws.
The post First Android Update of 2025 Patches Critical Code Execution Vulnerabilities appeared first on SecurityWeek.
PowerSchool hack exposes student, teacher data from K-12 districts
Education software giant PowerSchool has confirmed it suffered a cybersecurity incident that allowed a threat actor to steal the personal information of students and teachers from school districts using its PowerSchool SIS platform. […]
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The list of vulnerabilities is as follows –
The list of vulnerabilities is as follows –
CVE-2024-41713 (CVSS score: 9.1) – A path traversal vulnerability in Mitel MiCollab that could allow an attacker
Veracode Targets Malicious Code Threats with Phylum Acquisition
The deal includes certain Phylum assets, including its malicious package analysis, detection, and mitigation technology.
The post Veracode Targets Malicious Code Threats with Phylum Acquisition appeared first on SecurityWeek.
Casio says data of 8,500 people exposed in October ransomware attack
Japanese electronics manufacturer Casio says that the October 2024 ransomware incident exposed the personal data of approximately 8,500 people. […]
New Mirai botnet targets industrial routers with zero-day exploits
A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. […]