Browsing Category
Latest News
1144 posts
Russian authorities able to identify train saboteur from anonymous Telegram account
A teenager in Russia who reportedly stopped a train by wrapping copper wire around the tracks was arrested…
In latest check-in, spy agencies describe ‘ramp up’ in election influence
U.S. intelligence agencies on Friday said they are observing foreign actors “ramp up” their efforts to influence the…
YouTube removes Tenet Media channel over alleged ties to Russian disinformation effort
Google has shut down several YouTube channels belonging to a company the Justice Department linked this week to…
Russian dark web marketplace admins indicted after arrest in Miami
Two men have been indicted for their role in managing a popular Russian dark web marketplace known for…
SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation
SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible.
The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10.
"An improper access control vulnerability has been identified in the SonicWall SonicOS management
GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware
A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk.
The security vulnerability is a critical remote code execution bug (CVE-2024-36401, CVSS score: 9.8) that could allow malicious actors to take over susceptible instances.
In
GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages.
These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterparts (e.g., goog1e.com vs. google.com).
Adversaries targeting open-source repositories across
DC/Reston Cybersecurity Conference
September 12, 2024Location: Sheraton Reston Hotel, Reston, Virginia, USA Don’t miss the DC/Reston Cybersecurity Conference! Gain critical insights…
US posts indictments, rewards in Russia’s WhisperGate hacks against Ukraine
Federal agencies continued to confront Russian cyber-operations on Thursday, unsealing an indictment against members of a Russian military…
Use of Predator spyware rebounds after a dip from Biden sanctions, researchers say
The powerful commercial surveillance tool Predator may have taken a beating in March when U.S. officials announced sweeping…