N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX
The supply chain attack targeting 3CX was the result of a prior supply chain compromise associated with a different company, demonstrating a new...
New Linux Malware Linked With 3CX Supply-Chain Attack
ESET researchers have recently discovered that Linux users targeted with malware in the new “Operation DreamJob” Lazarus campaign for the first time.
The group behind...
Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products
Apr 21, 2023Ravie LakshmananSoftware Update / Network Security
Cisco and VMware have released security updates to address critical security flaws in their products that...
NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders
Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected by Apple and...
ChatGPT’s Data Protection Blind Spots and How Security Teams Can Solve Them
Apr 20, 2023The Hacker NewsArtificial Intelligence / Data Safety
In the short time since their inception, ChatGPT and other generative AI platforms have rightfully...
Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks
Apr 20, 2023Ravie LakshmananRansomware / Cyber Attack
Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in...
New Google Chrome Zero-Day Bug Actively Exploited in Wide
On April 18, 2023, Google released a new update for Chrome Desktop versions with security updates for actively exploited second Chrome zero-day vulnerability that...
Beyond Traditional Security: NDR’s Pivotal Role in Safeguarding OT Networks
Apr 20, 2023The Hacker NewsOT and ICS Security
Why is Visibility into OT Environments Crucial?
The significance of Operational Technology (OT) for businesses is undeniable...
Two Critical Flaws Found in Alibaba Cloud’s PostgreSQL Databases
Apr 20, 2023Ravie LakshmananCloud Security / Vulnerability
A chain of two critical flaws has been disclosed in Alibaba Cloud's ApsaraDB RDS for PostgreSQL and...
3 iOS Zero-Click Exploits Exploited by NSO Group
In 2022, NSO Group, the Israeli firm notorious for its spyware technology, reemerged with a slew of zero-click exploit chains designed for iOS 15...