Recent Security News
-
October 10, 2023 at 06:06AM – New Magecart Campaign Alters 404 Error Pages to Steal Shoppers’ Credit Cards
October 10, 2023 at 06:06AM A new Magecart campaign is using websites’ 404 error pages to conceal malicious code, according to security researcher Roman Lvovsky. The campaign targets Magento and WooCommerce websites, inserting the code directly into HTML pages and scripts. The attacks use a multi-stage process to capture and exfiltrate visitor data on checkout…
-
October 10, 2023 at 04:33AM – Ransomware attacks register record speeds thanks to success of infosec industry
October 10, 2023 at 04:33AM A study conducted by Secureworks revealed that cyber attackers are now deploying ransomware within 24 hours of gaining initial access to a victim’s environment. In nearly two-thirds of cases, ransomware was deployed within a day, and in over 10% of incidents, it was deployed within five hours. This marks a…
-
October 10, 2023 at 03:06AM – libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks
October 10, 2023 at 03:06AM A security flaw in the libcue library affects GNOME Linux systems, allowing remote code execution (RCE) when a user downloads a malicious .cue file. The vulnerability (CVE-2023-43641) is caused by memory corruption in libcue versions 2.2.1 and earlier. Detailed technical information has been withheld to give users time to update.…
-
October 10, 2023 at 02:18AM – Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials
October 10, 2023 at 02:18AM Threat actors are exploiting a critical flaw in Citrix NetScaler ADC and Gateway devices to conduct a credential harvesting campaign. The flaw, CVE-2023-3519, allows for remote code execution. Attackers are inserting a malicious script into the authentication web page and capturing user credentials. IBM X-Force has identified at least 600…
-
October 9, 2023 at 10:38PM – Exercise Cyber Star tests Singapore response
October 9, 2023 at 10:38PM The Exercise Cyber Star program, organized by the Cyber Security Agency of Singapore (CSA) and the SANS Institute, aims to improve Singapore’s ability to respond to cyber attacks. The fifth edition brought together participants from various sectors for workshops on threats like ransomware and insider threats. It also featured a…