VU#213092

VU#213092

Overview. Pulse Connect Secure (PCS) gateway contains a vulnerability that can allow an unauthenticated remote attacker to execute arbitrary code. Description. CVE-2021-22893. An unspecified vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse….

Hackers stole driver’s license numbers from Geico’s website

Hackers stole driver’s license numbers from Geico’s website

Geico has filed a data breach notice with the California attorney general’s office, admitting that fraudsters had stolen customers’ driver’s license numbers from its website. In the notice, discovered by TechCrunch, the American auto insurance titan said that from January 21st to March 1st this year, bad actors infiltrated its website using information on its…

Cyber-security experts warn of Facebook Messenger ‘upgrade’ scam, Courts & Crime News & Top Stories

Cyber-security experts warn of Facebook Messenger ‘upgrade’ scam, Courts & Crime News & Top Stories

SINGAPORE – Scammers are targeting Singaporeans by promoting an allegedly upgraded version of Facebook Messenger that redirects victims to scam sites that steal their data. And it appears they were promoting the scam with ads on Facebook itself. International cyber-security company Group-IB has flagged the scam campaign, which involves about 1,000 fake Facebook profiles targeting…

Live Webinar | Are you SASE Ready? 5 Steps for Building Your SASE RoadmapWebinar.

Live Webinar | Are you SASE Ready? 5 Steps for Building Your SASE RoadmapWebinar.

Cloud Access Security Brokers (CASB) , Cloud Security , Network Detection & Response Presented by iboss     60 minutes     Secured Access Service Edge, or SASE, is no longer a buzzword tossed around by cybersecurity pundits but is a robust, cloud-based service model to enable secure anywhere, anytime access from any device. …

Lazarus APT has found a clever way to conceal its malicious code

Lazarus APT has found a clever way to conceal its malicious code

Lazarus APT, a North Korean threat actor known for its sophisticated attacks, has been observed using a clever method to bypass security mechanisms by hiding its malicious code within a bitmap (.BMP) image file used to drop a remote access trojan (RAT) capable of stealing sensitive information. According to researchers at Malwarebytes Labs,…

Lazarus APT Hackers are now using BMP images to hide RAT malware – KK Hack Labs

Lazarus APT Hackers are now using BMP images to hide RAT malware – KK Hack Labs

A spear-phishing attack operated by a North Korean threat actor targeting its southern counterpart has been found to conceal its malicious code within a bitmap (.BMP) image file to drop a remote access trojan (RAT) capable of stealing sensitive information.Attributing the attack to the Lazarus Group based on similarities to prior tactics adopted by the adversary, researchers…

Did Huawei Eavesdrop on KPN Mobile Network?

Did Huawei Eavesdrop on KPN Mobile Network?

3rd Party Risk Management , Endpoint Security , Governance & Risk Management KPN Disputes Reported Surveillance Risk to Users, Who Included Dutch Prime Minister Mathew J. Schwartz (euroinfosec) • April 20, 2021     KPN Telecom offices in Amersfoort, the Netherlands (Photo: Vysotsky via Wikimedia Commons) A bombshell news report suggests that Dutch mobile network…

Zscaler buys startup Trustdome – Security

Zscaler buys startup Trustdome – Security

Zscaler has agreed to purchase startup Trustdome and its technology that’s used to get control over who and what has access to data, applications, and services in public cloud environments. The cloud security vendor said Ramat Gan, Israel-based Trustdome’s Cloud Infrastructure Entitlement Management (CIEM) platform will help businesses reduce their public cloud attack surface and…