Home News Security & Vulnerability

Security & Vulnerability

Malware Hide-in-SSD Firmware gets a makeover found

A new set of assaults against Solid-State Drives has been devised by Korean researchers (SSDs). These attacks allow malware to be deployed in places where security systems and users are unable...

Attackers aren’t finished using Log4Shell, says Microsoft and FTC

Microsoft is warning Windows and Azure customers to be cautious when dealing with potential attacks based on the Log4Shell flaws in the popular Java logging framework Log4j. The Apache Software Foundation announced...

For cookie violations, Google was fined 150 million euros in France

The CNIL, France's data privacy authority, fined Alphabet's Google a record 150 million euros ($169 million) on Thursday for making it difficult for internet users to refuse online trackers known as...

Using CASB to Manage Critical Assets and Establish User Access

According to Thomas Likas, global head of security architecture and engineering at Takeda Pharmaceuticals, using the cloud access security broker's three features - API-level integration with managed device transfer for visibility,...

‘Credential stuffing’ affects 1.1 million people in New York

Attorney General Letitia James of New York says her office has notified 17 companies about 'credential stuffing' cyber intrusions that have affected over 1.1 million people.  Credential stuffing is a sort of...

Hundreds of real estate websites using cloud video hosting providers, victimized by online skimming...

Researchers have warned that hundreds of real estate websites are being targeted by online skimming attacks using a cloud-based video storage service. Attackers are utilizing the service to carry out a supply...

Operators have begun to rebrand, as ransomware assaults have decreased

Positive Technologies examined the threat landscape in Q3 2021 and discovered that attacks against individuals, as well as assaults utilizing remote access malware, had escalated. However, as we shall see in...

Cobalt Strike Beacon executed using MSBuild

Two independent malicious operations using MSBuild to launch the Cobalt Strike payload on targeted PCs were detected by a researcher from Morphus Labs. The attackers utilize an RDP account to obtain access...

Passwords saved in many browsers by RedLine Malware Pilfer

According to research published by AhnLab ASEC, users should avoid using the auto-login option included in many popular web browsers. On cybercrime forums, the RedLine stealer is commodity spyware that can be...

Two Israeli news organizations hacked, a threatening message and a photograph shared

Early Monday, two prominent Israeli news sites were hacked with a menacing message that looked to be tied to the murder of a top Iranian general two years ago. A graphic of...