PostgreSQL databases under attack
Poorly protected PostgreSQL databases running on Linux machines are being compromised by cryptojacking attackers. The attack – observed by Aqua Security researchers on a honeypot system – starts with the threat actors brute-forcing access.....»»
Starbucks, grocery stores impacted by Blue Yonder ransomware attack
Supply chain management SaaS vendor Blue Yonder announced on November 21 that it experienced a ransomware attack that impacted its managed services hosted environment. “Since learning of the incident, the Blue Yonder team has been working dilig.....»»
Spies hack Wi-Fi networks in far-off land to launch attack on target next door
“Nearest Neighbor Attack” finally lets Russia’s Fancy Bear into target’s Wi-Fi network. One of 2024's coolest hacking tales occurred two years ago, but it wasn't revealed.....»»
Russian ballistic missile attack on Ukraine portends new era of warfare
This is the first time an IRBM, once restricted by a Cold War arms treaty, has been used in combat. Two days ago, Russian President Vladimir Putin announced a change in the countr.....»»
Some older D-Link routers are vulnerable to attack
Older D-Link routers suffer a security flaw that exposes users to threats such as malware, DoS attacks, and more. See the reason why there is no fix......»»
Product showcase: Augmenting penetration testing with Plainsea
Human-led penetration testing is an essential practice for any organization seeking to proactively address potential attack vectors. However, this indispensable pentesting method is often limited by several factors: high resource demands, project tim.....»»
Nanofibers made of copper-binding peptides disrupt cancer cells
While toxic in high concentrations, copper is essential to life as a trace element. Many tumors require significantly more copper than healthy cells for growth—a possible new point of attack for cancer treatment......»»
Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)
Attackers have been spotted exploiting two additional vulnerabilities (CVE-2024-9463, CVE-2024-9465) in Palo Alto Networks’ Expedition firewall configuration migration tool, CISA has confirmed on Thursday. About the vulnerabilities (CVE-2024-94.....»»
Cybercriminals hijack DNS to build stealth attack networks
Hijacking domains using a ‘Sitting Ducks attack’ remains an underrecognized topic in the cybersecurity community. Few threat researchers are familiar with this attack vector, and knowledge is scarce. However, the prevalence of these attacks and t.....»»
Bitsight acquires Cybersixgill to help organizations manage cyber exposure
Bitsight announced it has signed a definitive agreement to acquire Cybersixgill, a global cyber threat intelligence (CTI) data provider. Together, Bitsight and Cybersixgill will provide visibility into an organization’s external attack surface,.....»»
Trump’s Administration Will Attack Health Care from Multiple Angles
The new Trump administration is likely to reduce subsidies for Affordable Care Act insurance plans and roll back Medicaid coverage. Public health authorities worry that antivaccine activist Robert F. Kennedy, Jr., will be empowered.....»»
Immersive Labs AI Scenario Generator improves cyber skills against various attack types
Immersive Labs introduced AI Scenario Generator. This new capability enables organizations to generate threat scenarios for crisis simulations to ensure their workforces are ready for the latest threats. By inputting a few short prompts, customers ca.....»»
The changing face of identity security
It’s easy to see why identity security is often synonymous with user security. Social engineering tactics are the mainstay of the threat actor’s arsenal, and it’s rare to find an attack that doesn’t feature them to some degree. Getting hold o.....»»
Strategies for CISOs navigating hybrid and multi-cloud security
In this Help Net Security interview, Alex Freedland, CEO at Mirantis, discusses the cloud security challenges that CISOs need to tackle as multi-cloud and hybrid environments become the norm. He points out the expanded attack surfaces, the importance.....»»
Security experts warn of new hacker strategy targeting Windows drivers
A new BYOVD attack ends with an infostealer and cryptominer inserted into your Windows PC. The threat campaign named SteelFox uses fake activators......»»
Beware of phishing emails delivering backdoored Linux VMs!
Unknown attackers are trying to trick Windows users into spinning up a custom Linux virtual machine (VM) with a pre-configured backdoor, Securonix researchers have discovered. The campaign The attack began with a phishing email, they believe, but the.....»»
Hundreds of code libraries posted to NPM try to install malware on dev machines
These are not the the developer tools you think they are. An ongoing attack is uploading hundreds of malicious packages to the open source node package manager (NPM) repository in.....»»
Police, schools respond to parents’ attack on daughter near Timberline High School
Police, schools respond to parents’ attack on daughter near Timberline High School.....»»
Watch out - OpenAI is being spoofed as part of a major phishing attack
OpenAI impersonators are targeting businesses worldwide, experts warn......»»
Week in review: Windows Themes spoofing bug “returns”, employees phished via Microsoft Teams
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Patching problems: The “return” of a Windows Themes spoofing vulnerability Despite two patching attempts, a security issue that may allow attack.....»»
Attack on central Israel injures 11 as Iran"s leader promises a punishing response
Attack on central Israel injures 11 as Iran"s leader promises a punishing response.....»»