Wednesday, December 11, 2024

How do cloud service providers secure businesses with cloud-based infrastructure?

Since the advent of cloud computing, a persistent question remains: How do cloud service providers secure businesses with cloud-based infrastructure? The reality is that inadequate...

Gatekeeper Controls Tightened to Block Unauthorized Software

According to Apple, Gatekeeper is an essential defence mechanism embedded in macOS to prevent untrusted applications from running on the operating system. Recognizing its...

APPLICATION SECURITY BEST PRACTICES

Introduction Ensuring application security is fundamental to safeguarding sensitive information and maintaining user trust. Implementing robust security practices is crucial for protecting digital assets and...

Twilio Authy and IE Flaws Now Added to Exploited Vulnerabilities List 

The United States Cybersecurity and Infrastructure Security Agency (CISA) has officially added two critical vulnerabilities to its Known Exploited Vulnerabilities catalogue. These vulnerabilities have...

Introduction To Application Security

What is Application Security Application security is a crucial aspect of software development that aims to protect the application code and the data it handles...

CrowdStrike Update Crashes Windows Systems Worldwide

Businesses worldwide faced significant disruptions as a recent CrowdStrike update caused Windows workstations to crash, leading to the infamous “blue screen of death.” CrowdStrike...

Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments

A vulnerability tracked as CVE-2024-39929 with a CVSS score of 9.1, has been addressed. This flaw previously allowed threat actors to craft and deliver...

Torrents Harbor ViperSoftX Malware 

Researchers have discovered ViperSoftX, a sophisticated malware previously detected by Fortinet in 2020, lurking within torrents disguised as eBooks. ViperSoftX dynamically loads and runs...

Supply Chain Attack Targets jQuery Packages.

Cybersecurity professionals have uncovered a sophisticated supply chain attack involving GitHub, npm, and jsDelivr code repositories. The attacker cleverly embedded malware within the rarely...

VPN Apps Removed from Russian App Store Sparks Controversies

Apple recently yielded to government pressure and removed several virtual private network (VPN) apps from the Russian App Store. The action affected 25 mobile...

Zergeca Botnet Becomes a Formidable DDoS Threat

Cybersecurity researchers recently confirmed the existence of Zergeca, a powerful botnet written in Golang. Unlike typical DDoS botnets, Zergeca boasts an impressive array of...

Multiple Websites Suffer the Effects of Hijack Polyfill Supply Chain Attack

According to a report by Sansec, no fewer than 110,000 sites using polyfill.io have suffered the effects of a supply chain attack orchestrated by...

FIN9-Linked Vietnamese Hackers In Trouble Over $71M Cybercrime

An unsealed indictment charges four Vietnamese nationals with involvement in a series of cyber intrusions that collectively caused U.S. companies to suffer over $71...

Crypto Users Might be In Trouble of Markopolo’s Scam

Recent investigations by cybersecurity experts have unveiled the operations of 'Markopolo', a sophisticated cybercriminal mastermind orchestrating extensive cryptocurrency thefts. This threat actor has been...

Indian Government Under Cyberattack Orchestrated by Pakistani Hackers.

According to cybersecurity researchers, the Indian government is currently under attack by a suspected Pakistan-based possible state-sponsored threat actor. The report suggests the threat...

Oracle is Currently Under Attack Due to Web Server OS Command Injection Flaw

A report from CISA confirmed adding an actively exploited security flaw tagged CVE-2017-3506with CVSS score of 7.4 affecting the Oracle WebLogic Server to the...

Credential Stuffing Attack is Possible! Okta Warns

A statement by Okta confirms the possibility of cross-origin authentication. It warns customers that they might become victims of this Customer Identity Cloud (CIC)...

BreachForum is Back in Business

Cybersecurity researchers and dark web trackers have brought security agencies’ attention to the return of the famous cybercriminal called BreachForum. This is happening barely...

Python, Golang and Rust Malware Deployed on Indian Targets 

Cybersecurity researchers have uncovered the actions of Transparent Tribe, a Pakistani-linked threat actor, who used malware written in Python, Golang, and Rust to attack...

Microsoft Announces Phasing Out VBScript for JavaScript and PowerShell

As part of plans to favour the release of more advanced alternative applications such as JavaScript and PowerShell, Microsoft on Wednesday announced the deprecation...