Recent Security News
-
Fraud Detection Firm Spec Raises $15 Million
October 20, 2023 at 11:24AM Spec, a fraud detection and defense startup, has secured $15 million in a Series A funding round led by SignalFire. The San Jose-based company offers a no-code orchestration platform that protects online transactions from fraudulent attacks, including AI-powered ones, in real time. The funding will be used to enhance Spec’s…
-
Critical RCE flaws found in SolarWinds access audit solution
October 20, 2023 at 11:06AM Researchers discovered three critical remote code execution vulnerabilities in SolarWinds Access Rights Manager (ARM), allowing attackers to run code with SYSTEM privileges. SolarWinds ARM helps organizations manage and audit user access rights. The vendor promptly released a patch in version 2023.2.1 of the system. The vulnerabilities’ severity ratings are all…
-
What are Your Exception Expectations?
October 20, 2023 at 10:44AM In the field of cybersecurity, organizations tend to focus on new and flashy technologies, but they often overlook the importance of mastering the basics. One fundamental aspect is handling exceptions to security policies and procedures. Attackers take advantage of exceptions to infiltrate organizations, so it is crucial to have a…
-
Malvertisers Using Google Ads to Target Users Searching for Popular Software
October 20, 2023 at 10:09AM A malvertising campaign using Google Ads has been discovered that targets users searching for popular software. The campaign directs users to fake landing pages and distributes malware payloads. The attack filters out bots and unwanted IP addresses, and redirects potential victims to replica websites. The malware establishes a connection to…
-
Vietnamese Hackers Target U.K., U.S., and India with DarkGate Malware
October 20, 2023 at 10:09AM Vietnamese actors linked to the Ducktail stealer have been using DarkGate malware to target entities in the UK, US, and India. The increase in DarkGate campaigns is attributed to the decision to rent it out on a malware-as-a-service basis. The campaigns also involve LOBSHOT and RedLine Stealer, with similar tactics…