Zyxel firewalls under attack by Mirai-like botnet

CVE-2023-28771, the critical command injection vulnerability affecting many Zyxel firewalls, is being actively exploited by a Mirai-like botnet, and has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog. About CVE-2023-28771 CV.....»»

Category: securitySource:  netsecurityJun 1st, 2023

Stratascale acquires Vector0 to strengthen its cybersecurity services

Stratascale, an SHI company, announced the acquisition of Vector0, an Attack Surface Management (ASM) provider. Through the acquisition, Stratascale professionals and their customers gain visibility of attack vectors and points of vulnerability, enha.....»»

Category: securitySource:  netsecurityRelated News11 hr. 55 min. ago

Zyxel announces WiFi 6-enabled security firewalls for small- and medium-sized business networks

Zyxel Networks announced the addition of WiFi 6-enabled security firewalls to its ZyWALL USG FLEX 100 firewall series. Zyxel’s new USG FLEX 100AX Firewall supports WiFi 6 (802.11ax) to provide wired and wireless solutions that deliver holistic secu.....»»

Category: securitySource:  netsecurityRelated NewsSep 25th, 2023

3 iOS 0-days, a cellular network compromise, and HTTP used to infect an iPhone

Apple patches 3 zero-days after they were used in a sophisticated attack. Enlarge (credit: Getty Images) Apple has patched a potent chain of iOS zero-days that were used to infect the iPhone of an Egyptian presidential c.....»»

Category: topSource:  arstechnicaRelated NewsSep 23rd, 2023

An inside look at NetSPI’s impressive Breach and Attack Simulation platform

In this Help Net Security interview, Scott Sutherland, VP of Research at NetSPI, delves into the intricacies of their Breach and Attack Simulation (BAS) platform and discusses how it offers unique features – from customizable procedures to adva.....»»

Category: securitySource:  netsecurityRelated NewsSep 19th, 2023

New malware strain stealing business data from Intel Macs

Malware called "MetaStealer" is being used by hackers to attack businesses and to steal data from Intel-based Macs, with techniques including posing as legitimate app installers.Malware attacks against macOS continue to be a problem, with users being.....»»

Category: appleSource:  appleinsiderRelated NewsSep 17th, 2023

Enterprises persist with outdated authentication strategies

Despite authentication being a cornerstone of cybersecurity, risk mitigation strategies remain outdated, according to new research from Enzoic. With the attack surface expanding and the increasing sophistication of cyber threats, organizations are st.....»»

Category: securitySource:  netsecurityRelated NewsSep 15th, 2023

Five ways that college campuses benefit from diversity, equity and inclusion programs

For more than half a century, colleges and universities have relied on dedicated programs to attract students of color and support them. Today, those programs—known as diversity, equity and inclusion, or DEI, programs—are under attack......»»

Category: topSource:  physorgRelated NewsSep 12th, 2023

MGM Resorts: Slot machines go down in cyber-attack on firm

Customers also report problems with payments and check-in as IT systems go down at MGM Resorts' hotels......»»

Category: hdrSource:  bbcRelated NewsSep 12th, 2023

Slot machines go down in cyber-attack on MGM Resorts

Customers also report problems with payments and check-in as IT systems go down at the group's hotels......»»

Category: hdrSource:  bbcRelated NewsSep 12th, 2023

Microsoft Teams users targeted in phishing attack delivering DarkGate malware

A new phishing campaign taking advantage of an easily exploitable issue in Microsoft Teams to deliver malware has been flagged by researchers. Delivering malware to Microsoft Teams users Late last month, Truesec researchers spotted two compromised Mi.....»»

Category: securitySource:  netsecurityRelated NewsSep 11th, 2023

The blueprint for a highly effective EASM solution

In this Help Net Security interview, Adrien Petit, CEO at Uncovery, discusses the benefits that organizations can derive from implementing external attack surface management (EASM) solutions, the essential capabilities an EASM solution should possess.....»»

Category: securitySource:  netsecurityRelated NewsSep 11th, 2023

CISOs and board members work more closely than ever before

73% of board members believe they face the risk of a major cyber attack in the next 12 months, a notable increase from 65% in 2022, according to Proofpoint. Likewise, 53% feel unprepared to cope with a targeted attack, up from 47% the previous year......»»

Category: securitySource:  netsecurityRelated NewsSep 11th, 2023

Cisco security appliance 0-day is under attack by ransomware crooks

With no patch available yet, users must enable workarounds. The best: enforce MFA. Enlarge / Cisco Systems headquarters in San Jose, California, US, on Monday, Aug. 14, 2023. Cisco Systems Inc. is scheduled to release earnings fi.....»»

Category: topSource:  arstechnicaRelated NewsSep 8th, 2023

75% of education sector attacks linked to compromised accounts

69% of organizations in the education sector suffered a cyberattack within the last 12 months, according to Netwrix. Phishing and account compromise threaten the education sector Phishing and user account compromise were the most common attack paths.....»»

Category: securitySource:  netsecurityRelated NewsSep 8th, 2023

New infosec products of the week: September 8, 2023

Here’s a look at the most interesting products from the past week, featuring releases from CyberSaint, Ghost Security, Hornetsecurity, NTT Security Holdings, and TXOne Networks. Reaper: Open-source reconnaissance and attack proxy workflow automatio.....»»

Category: securitySource:  netsecurityRelated NewsSep 8th, 2023

Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)

Apple has patched two zero-day vulnerabilities (CVE-2023-41064, CVE-2023-41061) exploited to deliver NSO Group’s Pegasus spyware. “The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any inte.....»»

Category: securitySource:  netsecurityRelated NewsSep 8th, 2023

Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)

A vulnerability (CVE-2023-20269) in Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) firewalls is being exploited by attackers to gain access to vulnerable internet-exposed devices. “This vulnerability was found.....»»

Category: securitySource:  netsecurityRelated NewsSep 8th, 2023

Musk shut off Starlink to prevent Ukraine attack on Russian ships, report says

New details on how Musk thwarted Ukraine's submarine drone attack near Crimea. Enlarge / Starlink satellite dish seen on September 25, 2022, in Izyum, Kharkiv region, amid the Russian invasion of Ukraine. (credit: Getty Images |.....»»

Category: topSource:  arstechnicaRelated NewsSep 7th, 2023

Malicious Google ads deceive Mac users into installing Atomic Stealer malware

A macOS malware discovered in April has found a new vector of attack, with people searching for software on Google finding malware presented as legitimate ads.Google search can turn up malicious adsThe malware payload known as Atomic macOS Stealer (A.....»»

Category: topSource:  marketingvoxRelated NewsSep 6th, 2023

Reaper: Open-source reconnaissance and attack proxy workflow automation

Reaper is an open-source reconnaissance and attack proxy, built to be a modern, lightweight, and efficient equivalent to Burp Suite/ZAP. It focuses on automation, collaboration, and building universally distributable workflows. Reaper is a work in pr.....»»

Category: securitySource:  netsecurityRelated NewsSep 5th, 2023