Recent Security News
-
Vulnerabilities in CUSG CMS Exposed Credit Unions to Attacks
February 16, 2024 at 08:09AM Vulnerabilities in the CU Solutions Group (CUSG) content management system (CMS) posed a threat to credit unions, as hackers could exploit them to gain unauthorized access to sensitive data. The flaws included cross-site scripting and SQL injection bugs, allowing attackers to obtain login credentials and admin privileges. CUSG has since…
-
Cutting kids off from the dark web – the solution can only ever be social
February 16, 2024 at 07:07AM The murder of Brianna Ghey has sparked a debate on children’s access to the dark web in the UK. Ciaran Martin weighed in, emphasizing the need for greater focus on educating children about the dark web. Concerns about the Online Safety Act and children’s engagement in cybercrime were also highlighted,…
-
CISA Urges Patching of Cisco ASA Flaw Exploited in Ransomware Attacks
February 16, 2024 at 06:57AM The US security agency CISA has added CVE-2020-3259, a vulnerability affecting Cisco ASA and FTD products, to its Known Exploited Vulnerabilities catalog. It allows remote attackers to access sensitive information. CISA urges organizations to address it promptly after evidence suggesting exploitation by the Akira ransomware group emerged. Cisco is advised…
-
Why We Must Democratize Cybersecurity
February 16, 2024 at 06:45AM NTT Security is addressing cybersecurity challenges for small to medium businesses (SMBs) by democratizing security operations through its Global Threat Intelligence Center (GTIC), which provides advanced threat research and security intelligence, and by developing the Samurai XDR product, a cloud-hosted application that offers affordable security solutions for SMBs. The product…
-
Malicious ‘SNS Sender’ Script Abuses AWS for Bulk Smishing Attacks
February 16, 2024 at 06:45AM A Python script called SNS Sender is being utilized to send fraudulent SMS messages through AWS SNS, posing as messages from USPS to trick users into disclosing personal and payment information. The tool leverages AWS SNS to conduct SMS spamming attacks and is linked to a threat actor named ARDUINO_DAS.…