Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

CVE-2022-37238: SecurityGateway for Email Servers Release Notes

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter.

CVE
Open in Source
#sql#xss#vulnerability#web#mac#windows#microsoft#git#intel#ldap#pdf#auth#ssl
Exploits and TrickBot disrupt manufacturing operations

Categories: Threat Intelligence September 2021 saw a huge spike of exploit detections against the manufacturing industry, with a distributed spread between California, Florida, Ohio, and Missouri. This is combined with heavy detections of unseen malware, identified through our AI engine, spiking in May as well as September 2021. (Read more...) The post Exploits and TrickBot disrupt manufacturing operations appeared first on Malwarebytes Labs.

Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations

The threat actor behind the attacks on Twilio and Cloudflare earlier this month has been linked to a broader phishing campaign aimed at 136 organizations that resulted in a cumulative compromise of 9,931 accounts. The activity has been condemned 0ktapus by Group-IB because the initial goal of the attacks was to "obtain Okta identity credentials and two-factor authentication (2FA) codes from

The (Nation) State of Cyber: 64% of Businesses Suspect They've Been Targeted or Impacted by Nation-State Attacks

According to new Venafi research, two-thirds of organizations have changed cyber strategy in response to war in Ukraine.

What You Need to Know About the Psychology Behind Cyber Resilience

Understanding how and why people respond to cyber threats is key to building cyber-workforce resilience.

Penetration Testing Market Worth $2.7B By 2027: MarketsandMarkets(TM) Report

Increase driven by increasingly sophisticated cyberattacks as well as increase in mobile-based business-critical applications, according to report.

Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers

The threat actor behind the SolarWinds supply chain attack has been linked to yet another "highly targeted" post-exploitation malware that could be used to maintain persistent access to compromised environments. Dubbed MagicWeb by Microsoft's threat intelligence teams, the development reiterates Nobelium's commitment to developing and maintaining purpose-built capabilities. Nobelium is the tech

Researchers Uncover Kimusky Infra Targeting South Korean Politicians and Diplomats

The North Korean nation-state group Kimusky has been linked to a new set of malicious activities directed against political and diplomatic entities located in its southern counterpart in early 2022. Russian cybersecurity firm Kaspersky codenamed the cluster GoldDragon, with the infection chains leading to the deployment of Windows malware designed to file lists, user keystrokes, and stored web

Lessons from the Holy Ghost Ransomware Attacks

By Owais Sultan Originating in North Korea, the Holy Ghost ransomware operation has preyed primarily on small businesses, but that doesn’t mean larger businesses can ignore it. This is a post from HackRead.com Read the original post: Lessons from the Holy Ghost Ransomware Attacks

CVE-2022-32811: About the security content of macOS Big Sur 11.6.8

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina. An app may be able to execute arbitrary code with kernel privileges.