Another zero-day vulnerability in SolarWinds Serv-U product exploited by cyber criminals
Similar Posts
CISA launches new initiative to combat ransomware — FCW
Cybersecurity CISA launches new initiative to combat ransomware By Chris Riotta Aug 05, 2021 The Cybersecurity and Infrastructure Security Agency (CISA) has officially unveiled the Joint Cyber Defense Collaborative (JCDC), a new effort to combat ransomware attacks by expanding info sharing between the public and private sectors, with Amazon, Google and Microsoft…
Experian API Leaks Most Americans’ Credit Scores
A researcher is claiming that the credit scores of almost every American were exposed through an API tool used by the Experian credit bureau, that he said was left open on a lender site without even basic security protections. Experian downplayed concerns from the security community that the issue could be systemic.
OODA Loop – Bug in Millions of Flawed IoT Devices Lets Attackers Eavesdrop
Security researchers have reported a critical flaw affecting tens of millions of IoT devices. According to the researchers, a remote attacker could leverage the vulnerability to eavesdrop on live audio or take control of the device. The flaw was found in ThroughTek’s Kalay network, which is used in 83 million devices. The flaw also affects…
Hackers Exploited Fortinet Bugs to Gain Access of a U.S. Gov Servers
Recently, APT group or the state-sponsored hackers have exploited the vulnerabilities in an unpatched Fortinet VPN to compromise the webserver of a U.S. municipal government web server, as reported by the FBI (Federal Bureau of Investigation). The APT (Advanced Persistent Threat) hackers created new servers, domain controllers, and workstation user accounts just after gaining access…
Researchers Link CryptoCore Attacks On Cryptocurrency Exchanges to North Korea
State-sponsored hackers affiliated with North Korea have been behind a slew of attacks on cryptocurrency exchanges over the past three years, new evidence has revealed. Attributing the attack with “medium-high” likelihood to the Lazarus Group (aka APT38 or Hidden Cobra), researchers from Israeli cybersecurity firm ClearSky said the campaign, dubbed “CryptoCore,” targeted crypto exchanges in…
Fake Cryptocurrency Mining Apps Let Trick Victims Into Watching Ads
Google recently removed eight fraudulent cryptocurrency mining apps from its official app store that is Play Store. All the eight fake mining apps removed were loaded with fraudulent functions like watching Ads and paying for subscription services. The cybersecurity experts at Trend Micro analyzed all the eight apps that were removed from the Play Store…