Please turn on your JavaScript for this page to function normally.
lock
Attackers use fallback ransomware if LockBit gets blocked

Your security solutions might stave off a LockBit infection, but you might still end up with encrypted files: according to Symantec’s threat researchers, some affiliates …

Mac malware
MetaStealer malware is targeting enterprise macOS users

Enterprise macOS users are being targeted by attackers slinging new information-stealing malware dubbed MetaStealer. The MetaStealer malware MetaStealer is delivered within …

key
How Chinese hackers got their hands on Microsoft’s token signing key

The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 …

Cisco ASA 5500-X
Cisco VPNs with no MFA enabled hit by ransomware groups

Since March 2023 (and possibly even earlier), affiliates of the Akira and LockBit ransomware operators have been breaching organizations via Cisco ASA SSL VPN appliances. …

large language models
Customizing LLMs for domain-specific tasks

The expansion of large language models (LLMs) in recent times has brought about a revolutionary change in machine learning processes and has introduced fresh perspectives on …

Google Workspace
Google Workspace: New account security, DLP capabilities announced

New capabilities in Google Workspace will help enterprises improve account and data security, by making unauthorized takeover of admin and user accounts and exfiltration of …

Mac malware
Bogus OfficeNote app delivers XLoader macOS malware

A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample …

Ivanti
Ivanti Sentry zero-day vulnerability exploited, patch ASAP! (CVE-2023-38035)

Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to …

Citrix ShareFile
Citrix ShareFile vulnerability actively exploited (CVE-2023-24489)

CVE-2023-24489, a critical Citrix ShareFile vulnerability that the company has fixed in June 2023, is being exploited by attackers. GreyNoise has flagged on Tuesday a sudden …

Netscaler
(Re)check your patched NetScaler ADC and Gateway appliances for signs of compromise

Administrators of Citrix NetScaler ADC and Gateway appliances should check for evidence of installed webshells even if they implemented fixes for CVE-2023-3519 quickly: A …

AWS
Attackers can turn AWS SSM agents into remote access trojans

Mitiga researchers have documented a new post-exploitation technique attackers can use to gain persistent remote access to AWS Elastic Compute Cloud (EC2) instances (virtual …

Ivanti
Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)

Another actively exploited zero-day vulnerability (CVE-2023-35081) affecting Ivanti Endpoint Manager Mobile (EPMM) has been identified and fixed. The first zero-day spotted …

Don't miss

Cybersecurity news