Critical zero-days in Exim revealed, only 3 have been fixed
Six zero-days in Exim, the most widely used mail transfer agent (MTA), have been revealed by Trend Micro’s Zero Day Initiative (ZDI) last Wednesday. Due to what seems to …
Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)
Progress Software, the company behind the recently hacked MOVEit file-sharing tool, has recently fixed two critical vulnerabilities (CVE-2023-40044, CVE-2023-42657) in WS_FTP …
Most dual ransomware attacks occur within 48 hours
Since July 2023, the Federal Bureau of Investigation (FBI) has noticed a new trend: dual ransomware attacks on the same victim, occurring in close proximity of one another. …
Lazarus impersonated Meta recruiter to breach Spanish aerospace firm
Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by …
9 essential ransomware guides and checklists available for free
According to Fortinet, ransomware activity has intensified, registering an increase of 13 times compared to the beginning of 2023 in terms of all malware detections. The rise …
Securing GitHub Actions for a safer DevOps pipeline
GitHub Actions provides a platform for continuous integration and continuous delivery (CI/CD), enabling your build, test, and deployment process automation. It allows you to …
Global events fuel DDoS attack campaigns
Cybercriminals launched approximately 7.9 million DDoS attacks in 1H 2023, representing a 31% year-over-year increase, according to NETSCOUT. Global events like the …
Infosec products of the month: September 2023
Here’s a look at the most interesting products from the past month, featuring releases from: 1Password, Armis, AlphaSOC, Baffle, Ciphertex Data Security, Cisco, ComplyCube, …
Week in review: Chrome zero-day is actually in libwebp, Sony hacking rumours
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: How global enterprises navigate the complex world of data privacy In this …
Malicious ads creep into Bing Chat responses
Users of Bing Chat, the GPT-4-powered search engine Microsoft introduced earlier this year, are being targeted with ads leading to malware. According to Malwarebytes …
New infosec products of the week: September 29, 2023
Here’s a look at the most interesting products from the past week, featuring releases from AlphaSOC, Baffle, Immersive Labs, OneTrust, Panzura, runZero, and SeeMetrics. …
VMware users anxious about costs and ransomware threats
VMware customers have growing concerns about the state of the virtualization software and the company behind it – ranging from rising licensing costs, ransomware …