October 16, 2023 at 08:35PM Connected medical devices are vulnerable to cyber attacks, endangering patient data and operations. Palo Alto Networks found that 75% of infusion pumps had at least one security flaw. Hospitals can enhance defenses by maintaining visibility of assets, identifying device exposures, implementing a zero trust approach, using virtual patching for legacy … Read more
October 16, 2023 at 07:59PM GenAI will revolutionize business, driving productivity gains across all sectors. Enterprises are racing to build AI-powered apps, but security teams must act now to ensure their robustness. The rapid development of these apps using various frameworks poses security challenges. Advanced security organizations are creating centers to inventory, assess, and secure … Read more
October 16, 2023 at 06:27PM Kaspersky has launched Kaspersky Container Security (KCS), a full-featured solution for containerized environments. KCS provides security for containerized applications during development and runtime, offering protection from cyber incidents. It consists of three main components: KCS scanner, KCS agent, and KCS server. KCS easily integrates into DevSecOps frameworks and helps ensure … Read more
October 16, 2023 at 05:37PM Discord is increasingly being used by hackers and advanced persistent threat (APT) groups to distribute malware, steal data, and target critical infrastructure. Trellix’s report highlights how Discord’s content delivery network (CDN) is utilized for delivering malicious payloads, while webhooks are abused for data theft. The report also notes that APT … Read more
October 16, 2023 at 05:07PM Cyber attackers are using a modified version of the RedAlert application, which warns Israelis of incoming airstrikes, to collect sensitive data from users. The spoofed version gives cybercriminals access to contacts, call logs, SMS details, and other information. Users who installed the Android version of the app from a specific … Read more
October 16, 2023 at 04:52PM Cisco has disclosed a critical zero-day vulnerability in the Web User Interface of its IOS XE operating system. The flaw, assigned as CVE-2023-20198, affects all Cisco IOS XE devices with the Web UI feature enabled and allows attackers to create an account with complete device control. Cisco advises customers to … Read more
October 16, 2023 at 04:10PM The information systems of state courts across Kansas are offline due to a security incident. This includes the eFiling system, electronic payments system, and case management systems. The courts are still operational but are only accepting paper filings and payments made via fax or mail. Filing deadlines may be extended … Read more
October 16, 2023 at 03:13PM A critical vulnerability in Royal Elementor Addons and Templates up to version 1.3.78 is being actively exploited by hackers. The flaw, tracked as CVE-2023-5360, allows unauthenticated attackers to upload arbitrary files and potentially achieve remote code execution, compromising the websites. Two WordPress security firms have reported a significant increase in … Read more
October 16, 2023 at 02:44PM The Women Political Leaders Summit 2023 conference attendees were targeted by a cyber espionage campaign through a spoofed event website loaded with a malware called ROMCOM 4.0. The campaign focused on individuals promoting gender equality in the European Union. The cybercriminal group behind the attack, Void Rabisu, has evolved from … Read more
October 16, 2023 at 02:08PM The Russian hacking group known as ‘Sandworm’ has compromised eleven telecommunication service providers in Ukraine between May and September 2023, according to a report by Ukraine’s Computer Emergency Response Team (CERT-UA). The hackers interfered with communication systems, causing service interruptions and potential data breaches. Sandworm used various tactics, including phishing … Read more