Please turn on your JavaScript for this page to function normally.
envelope
Cyber crooks push Android malware via letter

Cyber crooks are trying out an interesting new approach for getting information-stealing malware installed on Android users’ smartphones: a physical letter impersonating …

Palo Alto Networks
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)

Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration …

NIST NVD
NIST is chipping away at NVD backlog

The National Institute of Standards and Technology (NIST) is clearing the backlog of unprocessed CVE-numbered vulnerabilities in the National Vulnerability Database (NVD), but …

USA
FBI confirms China-linked cyber espionage involving breached telecom providers

After months of news reports that Chinese threat actors have breached the networks of US telecommunications and internet service providers, the FBI and the Cybersecurity and …

Microsoft Windows
How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)

CVE-2024-43451, a Windows zero-day vulnerability for which Microsoft released a fix on November 2024 Patch Tuesday, has been exploited since at least April 2024, ClearSky …

airplane
Aerospace employees targeted with malicious “dream job” offers

It’s not just North Korean hackers who reach out to targets via LinkedIn: since at least September 2023, Iranian threat actor TA455 has been trying to compromise workers …

Patch Tuesday
Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

November 2024 Patch Tuesday is here, and Microsoft has dropped fixes for 89 new security issues in its various products, two of which – CVE-2024-43451 and CVE-2024-49039 …

Hot Topic
Hot Topic breach: Has your credit card info been compromised?

If you’re wondering whether your personal and financial data has been compromised in the massive Hot Topic breach, you can use two separate online tools to check: Have I …

Amazon
Massive troves of Amazon, HSBC employee data leaked

A threat actor who goes by the online moniker “Nam3L3ss” has leaked employee data belonging to a number of corporations – including Amazon, 3M, HSBC and HP …

Palo Alto Networks
Critical Palo Alto Networks Expedition bug exploited (CVE-2024-5910)

A vulnerability (CVE-2024-5910) in Palo Alto Networks Expedition, a firewall configuration migration tool, is being exploited by attackers in the wild, the Cybersecurity and …

malware
Industrial companies in Europe targeted with GuLoader

A recent spear-phishing campaign targeting industrial and engineering companies in Europe was aimed at saddling victims with the popular GuLoader downloader and, ultimately, a …

malware
North Korean hackers employ new tactics to compromise crypto-related businesses

North Korean hackers are targeting crypto-related businesses with phishing emails and novel macOS-specific malware. The crypto-related phishing campaign Since July 2024, …

Don't miss

Cybersecurity news