We’re not in e-Kansas anymore: State courts reel from ‘unauthorized incursion’

October 16, 2023 at 01:40PM Many state courts in Kansas are relying on paper filings due to an ongoing security incident, which may last for weeks. The Kansas Supreme Court turned off its eFiling system to examine the incident, and all filings must now be done on paper or by fax. The extent of the …

Cisco warns of new IOS XE zero-day actively exploited in attacks

October 16, 2023 at 11:52AM Cisco has warned administrators about a severe zero-day vulnerability in its IOS XE Software that allows attackers to gain full control of affected routers. The vulnerability, identified as CVE-2023-20198, only affects devices with the Web User Interface feature enabled and the HTTP or HTTPS Server feature toggled on. Cisco advises …

BLOODALCHEMY provides backdoor to southeast Asian nations’ secrets

October 16, 2023 at 11:23AM Security researchers have discovered a backdoor called “BLOODALCHEMY” that targets x86 systems and is being used in attacks against governments and organizations in the Association of Southeast Asian Nations (ASEAN). The backdoor is part of the REF5961 intrusion set, which is believed to be linked to a group with ties …

Fake ‘RedAlert’ rocket alert app for Israel installs Android spyware

October 16, 2023 at 11:23AM A malicious version of the ‘RedAlert – Rocket Alerts’ app is targeting Israeli Android users. The fake app, distributed from the website “redalerts[.]me,” appears legitimate but installs spyware on the device. It requests additional permissions and collects data from the user, encrypting and uploading it to a hardcoded IP address. …

CISA, FBI urge admins to patch Atlassian Confluence immediately

October 16, 2023 at 11:08AM CISA, FBI, and MS-ISAC have issued a warning to network administrators to immediately patch their Atlassian Confluence servers due to a critical privilege escalation flaw (CVE-2023-22515) that is actively being exploited. The flaw affects Confluence Data Center and Server 8.0.0 and later versions. Atlassian has released security updates and advised …

Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks

October 16, 2023 at 10:46AM The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) have issued a joint Cybersecurity Advisory (CSA) about the active exploitation of CVE-2023-22515, a vulnerability in Atlassian Confluence Data Center and Server. This vulnerability allows cyber threat actors to gain …

Signal Pours Cold Water on Zero-Day Exploit Rumors

October 16, 2023 at 10:36AM Signal denies the existence of a zero-day exploit in its encrypted chat app, dismissing viral rumors as baseless. The rumored vulnerability involves the “generate link preview” feature, which has known privacy and security risks. Signal checked with contacts within the US Government, as claimed by the report, and found no …

Academics Devise Cyber Intrusion Detection System for Unmanned Robots

October 16, 2023 at 10:36AM Australian researchers have developed an AI-driven cyber intrusion detection system to assist unmanned military robots in identifying man-in-the-middle (MitM) cyberattacks. The system, which uses deep learning convolutional neural networks (CNNs), aims to reduce vulnerabilities in the robot operating system (ROS) used by civilian and military robots. The algorithm achieved 99% …

How Data Changes the Cyber-Insurance Market Outlook

October 16, 2023 at 10:08AM The global cyber insurance market is growing rapidly, expected to reach $84.62 billion by 2030. However, many companies are uncertain about how much coverage they need, and insurers struggle to assess individual risk. This has led to significant losses in the cyber insurance market. Rates have spiked due to increased …

Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign

October 16, 2023 at 10:03AM Russian hacking groups have been exploiting a security vulnerability in the WinRAR archiving utility to launch a phishing campaign. The attack involves malicious archive files that exploit the vulnerability, allowing the attacker to gain remote access to compromised systems. The campaign also steals data from Google Chrome and Microsoft Edge …