Cisco
Cisco Licensing Utility Under Siege: Backdoor Account Exploited in the Wild
Reports are emerging that malicious actors are actively exploiting a critical vulnerability in unpatched Cisco Smart Licensing Utility (CSLU) instances.
Latest
post-quantum cryptography
UK's NCSC Mandates Post-Quantum Crypto Migration by 2035: Is Compliance Realistic?
The United Kingdom's National Cyber Security Centre (NCSC) has issued a directive requiring critical national infrastructure and other key organizations to complete their transition to post-quantum cryptography (PQC) by 2035.
WordPress
Critical Vulnerability Discovered in WP Ghost Plugin: Unauthenticated Remote Code Execution Possible
A significant security flaw has been identified in the popular WordPress security plugin, WP Ghost, potentially exposing millions of websites to remote code execution (RCE) attacks.
Windows 11
Microsoft Lifts Windows 11 24H2 Block for Asphalt 8 Players, Raising Questions About Patching Procedures
Microsoft has quietly removed an upgrade block that previously prevented users of the popular racing game Asphalt 8: Airborne from upgrading their systems to the latest Windows 11 version
VSCode
Malicious VSCode Extensions Unleash In-Development Ransomware: A Failure of Microsoft's Marketplace Oversight
The VSCode Marketplace, a central repository for extensions that enhance the popular code editor, has been compromised by two malicious extensions deploying in-development ransomware.
GitHub Actions
GitHub Action Vulnerability: Supply Chain Attack Exposes Limited Secrets, Raises Broader Concerns
A recent supply chain attack targeting the popular GitHub Action, tj-actions/changed-files, has reportedly exposed secrets in a relatively small subset of the approximately 23,000 repositories utilizing the tool.
ransomware
New 'Betruger' Backdoor Linked to RansomHub Affiliate, Raising Concerns Over Federal Oversight
Security researchers have uncovered a new backdoor, ominously named 'Betruger' (German for 'imposter' or 'deceiver'), which has been deployed in a series of recent ransomware attacks.
cybersecurity
Ascom Hit by Cyberattack: Hellcat Group Exploits Jira Server Vulnerabilities
Ascom, a Swiss global solutions provider specializing in healthcare and enterprise communication systems, has confirmed it suffered a cyberattack targeting its IT infrastructure.
CISA
CISA Urges Federal Agencies to Patch NAKIVO Backup & Replication Flaw, Raising Security Concerns
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a stark warning to U.S. federal civilian executive branch (FCEB) agencies, demanding immediate action to mitigate a critical security vulnerability found within NAKIVO's Backup & Replication software
darknet
Darknet Data Dumps: Are Your Credentials for Sale? A Critical Look at Enterprise Security
A recent report has sounded alarms about the increasing availability of compromised identity data on the darknet, positioning it as a leading cybersecurity threat to businesses. This raises serious questions about the effectiveness of current data protection strategies and the ability of enterprises to safeguard sensitive information from increasingly sophisticated
darknet
Tattoo Artist's 'Utopia' Dreams Dashed by Federal Darknet Sting
A self-employed tattoo artist, operating under the moniker 'Utopia,' found their entrepreneurial aspirations curtailed following a federal investigation into darknet marketplace activities.
darknet
Darknet Data Trove Swells, Raising Concerns Over Federal Oversight
A significant expansion of darknet data repositories has been reported, with one prominent aggregator noting a 22% surge in its collection over the past year.