Planned Parenthood has confirmed it suffered a cyberattack affecting its IT systems, forcing it to take parts of its infrastructure offline to contain the damage. […] Go to Source Author: Bill Toulas
Category Archives: Security
American semiconductor supplier Microchip Technology Incorporated has confirmed that employee information was stolen from systems compromised in an August cyberattack, which was later claimed by the Play ransomware gang. […] Go to Source Author: Sergiu Gatlan
The MacroPack framework, initially designed for Red Team exercises, is being abused by threat actors to deploy malicious payloads, including Havoc, Brute Ratel, and PhatomCore. […] Go to Source Author: Bill Toulas
The FBI seized 32 web domains used by the Doppelgänger Russian-linked influence operation network in a disinformation campaign targeting the American public ahead of this year’s presidential election. […] Go to Source Author: Sergiu Gatlan
Cisco has fixed a command injection vulnerability in the Identity Services Engine (ISE) with public exploit code that lets attackers escalate privileges to root on vulnerable systems. […] Go to Source Author: Sergiu Gatlan
A new “EUCLEAK” flaw found in FIDO devices using the Infineon SLE78 security microcontroller, like Yubico’s YubiKey 5 Series, allows attackers to extract Elliptic Curve Digital Signature Algorithm (ECDSA) secret keys and clone the FIDO device. […] Go to Source Author: Bill Toulas
Cisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that can be used to log into unpatched systems with administrative privileges. […] Go to Source Author: Sergiu Gatlan
“Another day, another vulnerability” is a familiar refrain among security teams worldwide. One of the most intriguing findings from our latest Fortinet Global Threat Landscape Report is that attackers are exploiting vulnerabilities faster than ever before. This average time-to-exploitation, 4.76 days, is 43% faster than our FortiGuard Labs team observed in the first half of […]
Cisco’s site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code that steals sensitive customer details provided at checkout. […] Go to Source Author: Ionut Ilascu
Google has released the September 2024 Android security updates to fix 34 vulnerabilities, including CVE-2024-32896, an actively exploited elevation of privilege flaw that was previously fixed on Pixel devices. […] Go to Source Author: Bill Toulas