October 17, 2023 at 11:54AM The Android ‘SpyNote’ malware was recently observed in attacks in Italy. The malware disguised itself as a fake ‘IT-alert’ public alert service, infecting visitors with information-stealing capabilities. The malware is distributed through a website that mimics the real IT-alert site, urging users to install the app for updates on an … Read more
October 17, 2023 at 10:51AM Two critical security flaws have been discovered in the CasaOS personal cloud software. These vulnerabilities allow attackers to bypass authentication and gain full access to the CasaOS dashboard. Additionally, attackers can exploit third-party applications to execute arbitrary commands on the system and gain persistent access. The flaws have been addressed … Read more
October 17, 2023 at 10:48AM MemComputing is a company that aims to break the von Neumann bottleneck in computing by combining processing and data in memory. This could potentially solve complex mathematical problems, such as prime factorization, that are currently difficult for classical computers. The company’s software emulation has shown promising results in reducing the … Read more
October 17, 2023 at 10:04AM Microsoft has resolved a known issue with Outlook for Microsoft 365 users that was causing slow starts and freezes. The problem occurred during cache re-priming and was related to difficulties in determining the default state of the cache. A fix has been released in the Beta Channel and will roll … Read more
October 17, 2023 at 10:04AM Threat actors are constantly finding new ways to trick end-users into giving up their credentials, leading to a rise in credential theft. Cybercriminals target credentials because people often reuse the same login information across multiple sites, giving hackers access to sensitive accounts. They use social engineering tactics like tailgating, spear … Read more
October 17, 2023 at 10:03AM A tabletop exercise is a discussion-based practice that simulates a cybersecurity incident response. It is important to take a social approach during the exercise and include various participants from different teams. It is also crucial to vary the threat types used in the exercise to ensure preparedness. The scenario should … Read more
October 17, 2023 at 09:30AM Anonybit, a provider of biometric authentication and data protection solutions, has raised $3 million in a seed extension round, bringing its total funding to $8 million. The funding was led by Jam Fintop, with additional investment from Connecticut Innovations. Anonybit’s technology uses distributed storage and processing of biometrics to securely … Read more
October 17, 2023 at 09:30AM Weintek’s cMT HMI product has been found to have critical vulnerabilities that could be exploited by attackers. The vulnerabilities allow anonymous users to bypass authentication and execute arbitrary commands. If all vulnerabilities are combined, an attacker could gain full control of the HMI system. Weintek has released patches for affected … Read more
October 17, 2023 at 09:20AM Attackers have exploited a critical zero-day bug to compromise and infect Cisco IOS XE devices with malicious implants. Threat intelligence company VulnCheck found thousands of compromised hosts. Cisco has advised administrators to disable the vulnerable HTTP server feature and look for breach indicators. A patch is not yet available. Key … Read more
October 17, 2023 at 09:06AM US authorities have urged network admins to patch a critical vulnerability in Atlassian Confluence Data Center and Server due to ongoing nation-state exploitation. The potential consequences of the exploit are severe, as attackers could create new admin accounts for themselves. The attackers have already demonstrated sophistication by attempting to modify … Read more