Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware
Feb 03, 2023Ravie LakshmananAttack Vector / Endpoint Security
In a continuing sign that threat actors are adapting well to a post-macro world, it has...
Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered
Feb 03, 2023Ravie LakshmananAutomotive Security / Vulnerability
Two new security weaknesses discovered in several electric vehicle (EV) charging systems could be exploited to remotely...
New DDoS-as-a-Service Platform Attacking Medical Institutions
Passion Group, a Killnet, and Anonymous Russia affiliate, recently started providing DDoS-as-a-Service to pro-Russian hackers. During the attacks on January 27, the Passion...
Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations
Feb 03, 2023Ravie LakshmananCyber Espionage / Cyber Threat
The Iranian nation-state hacking group known as OilRig has continued to target government organizations in the...
Most Important Computer Forensics Tools for 2023
Computer Forensics tools are more often used by security industries to test the vulnerabilities in networks and applications by collecting the evidence to find...
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
Feb 03, 2023Ravie LakshmananNetwork Security / Vulnerability
F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or...
Hackers Use TrickGate Packer to Deploy Emotet
The cybersecurity analysts at Check Point Research recently reported that TrickGate, a shellcode-based packer, has been in operation for over six years without being...
Atlassian’s Jira Software Found Vulnerable to Critical Authentication Vulnerability
Feb 03, 2023Ravie LakshmananCloud Security / Vulnerability
Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data...
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack
Feb 03, 2023Ravie LakshmananVulnerability Management
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on February 2 added two security flaws to its Known Exploited...
North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign
Feb 02, 2023Ravie LakshmananHealthcare / Cyber Attack
A new intelligence gathering campaign linked to the prolific North Korean state-sponsored Lazarus Group leveraged known security...