Recent Security News
-
Protecting Critical Infrastructure Means Getting Back to Basics
January 8, 2024 at 10:02AM Critical infrastructure organizations are both more efficient and more vulnerable due to dramatic changes in technology and cybersecurity landscapes. The integration of IoT, smart devices, and OT with IT operations onto cloud platforms streamlines operations but also increases susceptibility to cyberattacks. Rigorous asset management, simulations, and response readiness are crucial…
-
QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products
January 8, 2024 at 09:54AM QNAP Systems has released patches for a dozen vulnerabilities, including high-severity flaws affecting its operating system and products like QTS, QuTS hero, Video Station, and QuMagie. These vulnerabilities could allow remote attackers to execute arbitrary code, perform SQL injection and OS command injection, and exploit cross-site scripting flaws. Details can…
-
Turkish Cyberspies Targeting Netherlands
January 8, 2024 at 09:54AM A cyberespionage group, likely linked to Turkey, named Sea Turtle, Cosmic Wolf, Marbled Dust, Silicon, and Teal Kurma, has been targeting public and private organizations in the Netherlands. The group, observed by Dutch incident response provider Hunt & Hackett, conducted multiple espionage campaigns focusing on government, telecommunications, media, NGOs, ISPs,…
-
Iranian Crypto Exchange Misstep Exposes User Details
January 8, 2024 at 09:14AM A misconfigured object storage system at Iranian crypto exchange bit24.cash exposed personal details of 230,000 citizens. Researchers found unprotected and open S3 buckets storing users’ verification documents, including consent letters, passport information, and credit card details. However, bit24.cash assured no evidence of a breach and confirmed securing the storage instance.…