ESET Security Products for Windows Vulnerable to Privilege Escalation
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] ESET, a leading cybersecurity company, recently addressed a local privilege escalation vulnerability in its Windows security products. The Zero Day Initiative (ZDI) reported the vulnerability to ESET. It could have allowed attackers to misuse ESET’s file operations during a restore operation from quarantine, potentially leading to […]
CISA’s CSAT Tool Hacked, Systems Taken Offline
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] The Cybersecurity and Infrastructure Security Agency’s (CISA) Chemical Security Assessment Tool (CSAT) was the target of a cybersecurity intrusion by a malicious actor from January 23-26-2024. The breach, which has raised significant concerns within the cybersecurity community, potentially exposed sensitive information including Top-Screen surveys, Security Vulnerability […]
HC3 Unveils Qilin Ransomware Attacking Global Healthcare Organizations
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] The Health Sector Cybersecurity Coordination Center (HC3) has issued a critical alert regarding a new ransomware strain, Qilin, which is targeting healthcare organizations worldwide. This revelation underscores the escalating cyber threats facing the healthcare sector, which is already grappling with the complexities of digital transformation and […]
WordPress Releases Urgent Security Update to Patch XSS and Path Traversal Flaws
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] WordPress has released an urgent security update, version 6.5.5, addressing critical vulnerabilities that could potentially compromise the security of millions of websites. This minor release, which also includes three bug fixes in the core, is highly recommended for immediate installation to ensure site security and stability. […]
Hackers Can Crack Down 59% Of Passwords Within A Hour
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Researchers analyzed real-world passwords leaked on the dark web instead of artificial ones used in labs, as their findings showed that a worrying 59% of these passwords could be cracked within an hour using just a modern graphics card and some technical knowledge, highlighting […]
Life360 Breach: Hackers Accessed the Tile Customer Support Platform
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Life360, a company known for its family safety services, recently fell victim to a criminal extortion attempt. The company received emails from an unknown actor claiming to possess Tile customer information. Upon receiving these emails, Life360 promptly investigated and detected unauthorized access to the Tile customer […]
Royal Tiger Group With Spoofed Phone Numbers Stealing Credit Card Data: FCC
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] According to the Federal Communications Commission (FCC), the Royal Tiger Group and its employees are a Consumer Communications Information Services Threat (C-CIST). This is a crucial step for the FCC in its ongoing work to protect U.S. customers from sophisticated scams that affect the telecommunications network. […]
WaveStealer Malware Delivered Via Telegram & Discord Messaging Platforms
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Cybersecurity experts have identified a new malware, dubbed WaveStealer, that is being actively distributed through popular messaging platforms Telegram and Discord. This sophisticated malware masquerading as video game installers poses a significant threat to users by targeting their sensitive data. How WaveStealer Operates WaveStealer is […]
Earth Hundun Hacker Group Employs Advanced Tactics to Evade Detection
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Earth Hundun, a notable Asia-Pacific malware organization, uses Waterbear and Deuterbear. We first encountered Deuterbear in Earth Hundun’s arsenal in October 2022, signaling its implementation. This report describes the ultimate Remote Access Trojan (RAT) we recovered from a C&C server from an Earth Hundun campaign in […]
CISA Reveals Guidance For Implementation of Encrypted DNS Protocols
[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] “Encrypted DNS Implementation Guidance,” a detailed document from the Cybersecurity and Infrastructure Security Agency (CISA), tells government agencies how to improve their cybersecurity by using encrypted Domain Name System (DNS) protocols. This advice is in line with Memorandum M-22-09 from the Office of Management […]