hacking news – Page 989

From Dark Reading – Data Thieves Test-Drive Unique Certificate Abuse Tactic

An SEO poisoning campaign is spreading the RecordBreaker/Raccoon Stealer and LummaC2 infostealers by attempting to confound software certificate checks. Read More

Samir K October 11, 2023

News

From Dark Reading – Reassessing the Impacts of Risk Management With NIST Framework 2.0

The latest NIST Cybersecurity Framework draft highlights four major themes that organizations should pay attention to for managing risk. Read More

Samir K October 11, 2023

News

From Security Week – Payment Card Data Stolen in Air Europa Hack

Spanish airline Air Europa is informing customers that their payment card information has been stolen as a result of a hacker attack. The post Payment Card Data Stolen in Air…

Samir K October 11, 2023

News

From Security Week – Citrix Patches Critical NetScaler ADC, Gateway Vulnerability

Citrix has released patches for a critical information disclosure vulnerability in NetScaler ADC and NetScaler Gateway. The post Citrix Patches Critical NetScaler ADC, Gateway Vulnerability appeared first on SecurityWeek. Read More

Samir K October 11, 2023

News

From Security Week – US Government Releases Security Guidance for Open Source Software in OT, ICS

CISA, FBI, NSA, and US Treasury published new guidance on improving the security of open source software in OT and ICS. The post US Government Releases Security Guidance for Open…

Samir K October 11, 2023

News

From The Hacker News – U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-21608 (CVSS score: 7.8), the vulnerability has been described as a use-after-free bug that can be exploited to achieve remote code execution (RCE) with the

Samir K October 11, 2023

Breaches

From The Hacker News – Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords

Passwords are at the core of securing access to an organization's data. However, they also come with security vulnerabilities that stem from their inconvenience. With a growing list of credentials to keep track of, the average end-user can default to shortcuts. Instead of creating a strong and unique password for each account, they resort to easy-to-remember passwords, or use the same password

Samir K October 11, 2023

Research

From Dark Reading – A Frontline Report of Chinese Threat Actor Tactics and Techniques

Threat intel experts see a reduced focus on desktop malware as threat groups prioritize passwords and tokens that let them access the same systems as remote workers. Read More

Samir K October 11, 2023

News

From Security Week – Chrome 118 Patches 20 Vulnerabilities

Google has released Chrome 118 to the stable channel with patches for 20 vulnerabilities, including one rated ‘critical severity’. The post Chrome 118 Patches 20 Vulnerabilities appeared first on SecurityWeek. Read…

Samir K October 11, 2023

News

From Security Week – Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks

Organizations respond to HTTP/2 Rapid Reset zero-day vulnerability exploited to launch the largest DDoS attacks seen to date. The post Organizations Respond to HTTP/2 Zero-Day Exploited for DDoS Attacks appeared…

Samir K October 11, 2023

Toolkit

From Dark Reading – Protect AI Releases 3 AI/ML Security Tools as Open Source

The company released NB Defense, ModelScan, and Rebuff, which detect vulnerabilities in machine learning systems, on GitHub. Read More

Samir K October 11, 2023

News

From Security Week – Applying AI to API Security

While there is quite a bit of buzz and hype around AI, it is a technology that can add tremendous value to security programs. The post Applying AI to API…

Samir K October 11, 2023

News

From Security Week – CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability

CISA has added five bugs to its Known Exploited Vulnerabilities catalog, including the recent WordPad, Skype, and HTTP/2 zero-days. The post CISA Warns of Attacks Exploiting Adobe Acrobat Vulnerability appeared…

Samir K October 11, 2023

News

From Security Week – ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws

ICS Patch Tuesday: Siemens and Schneider Electric release over a dozen advisories addressing more than 40 vulnerabilities. The post ICS Patch Tuesday: Siemens Ruggedcom Devices Affected by Nozomi Component Flaws…

Samir K October 11, 2023

News

From Cyber Security News – HTTP/2 Rapid Reset Zero-day Flaw Exploited to Launch Massive DDoS Attack

Cloudflare was unexpectedly hit by an enormous HTTP attack that peaked at over 201 million requests per second. Starting on August 25, 2023, this onslaught posed a significant challenge, especially…

Samir K October 11, 2023