Browsing Category

Threat Advisories

179 posts

Briefings on the latest cybersecurity threats, vulnerabilities, and critical action items for security practitioners.

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Palo Alto Networks recommends patching vulnerable PAN-OS versions and mitigating network access to their management interface, which could allow an unauthenticated attacker to gain administrator privileges.

November 19, 2024 19:25 GMT

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

Weekly Top 10: 11.18.2024: Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More

November 18, 2024 16:00 GMT

Weekly Top 10: 11.11.2024: Veeam Backup Exploit Used by Frag Ransomware; North Korean Hackers Use macOS Malware to Steal Crypto; Palo Alto PAN-OS May be Vulnerable to RCE, and More.

Weekly Top 10: 11.11.2024: Veeam Backup Exploit Used by Frag Ransomware; North Korean Hackers Use macOS Malware to Steal Crypto; Palo Alto PAN-OS May be Vulnerable to RCE, and More

November 11, 2024 16:00 GMT

Weekly Top 10: 11.04.2024: Android Malware ‘FakeCall’ Hijacks Outgoing Calls; PTZ Cameras Being Targeted Using Two Zero-Days; Hacker Group TeamTNT Targets Docker Environments, and More.

Weekly Top 10: 11.04.2024: Android Malware 'FakeCall' Hijacks Outgoing Calls; PTZ Cameras Being Targeted Using Two Zero-Days; Hacker Group TeamTNT Targets Docker Environments, and More

November 4, 2024 16:00 GMT

Weekly Top 10: 10.28.2024: Severe Flaws in E2EE Cloud Storage Platforms Used by Millions; ClickFix Tactic: The Phantom Meet; Firm Hacked After Accidentally Hiring North Korean Cyber Criminal, and More.

Weekly Top 10: 10.21.2024: Severe Flaws in E2EE Cloud Storage Platforms Used by Millions; ClickFix Tactic: The Phantom Meet; Firm Hacked After Accidentally Hiring North Korean Cyber Criminal, and More

October 28, 2024 16:00 GMT

Weekly Top 10: 10.21.2024: North Korean Threat Actors Target ATMs; BianLian Claims Responsibility for Attack on Children’s Hospital; Hacker Behind the Infamous NPD Breach Arrested by Brazilian Authorities, and More.

Weekly Top 10: 10.21.2024: North Korean Threat Actors Target ATMs; BianLian Claims Responsibility for Attack on Children’s Hospital; Hacker Behind the Infamous NPD Breach Arrested by Brazilian Authorities, and More

October 21, 2024 16:00 GMT

Weekly Top 10: 10.14.2024: American Water Under Attack Forced to Shut Down Systems; Ukrainian National Pled Guilty to Involvement in Raccoon Stealer; 31 Million Accounts Leaked in Security Breach Against the Internet Archive, and More.

Weekly Top 10: 10.14.2024: American Water Under Attack Forced to Shut Down Systems; Ukrainian National Pled Guilty to Involvement in Raccoon Stealer; 31 Million Accounts Leaked in Security Breach Against the Internet Archive, and 7 more.

October 14, 2024 16:00 GMT

Weekly Top 10: 10.7.2024: When CUPS Runneth Over: The Threat of DDoS; Perfctl: A Stealthy Malware Targeting Millions of Linux Servers; WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks, and More.

Weekly Top 10: 10.7.2024: When CUPS Runneth Over: The Threat of DDoS; Perfctl: A Stealthy Malware Targeting Millions of Linux Servers; WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks, and 7 more.

October 7, 2024 16:00 GMT

Weekly Top 10: 9.30.2024: Critical Unauthenticated RCE Discovered in Linux; Meta Fined 91 Million Euros for Insecure Password Storage; Windows Vulnerable to Privilege Escalation Attack, and More.

Weekly Top 10: 9.30.2024: Critical Unauthenticated RCE Discovered in Linux; Meta Fined 91 Million Euros for Insecure Password Storage; Windows Vulnerable to Privilege Escalation Attack, and 7 more.

September 30, 2024 16:00 GMT

Weekly Top 10: 9.23.2024: Enterprise ServiceNow Knowledge Bases at Risk: Extensive Data Exposures Uncovered; Highway Blobbery: Data Theft using Azure Storage Explorer; Chinese Botnet Infects 260,000 SOHO Routers, IP Cameras with Malware, and More.

Weekly Top 10: 9.23.2024: Enterprise ServiceNow Knowledge Bases at Risk: Extensive Data Exposures Uncovered; Highway Blobbery: Data Theft using Azure Storage Explorer; Chinese Botnet Infects 260,000 SOHO Routers, IP Cameras with Malware, and 7 more.

September 23, 2024 16:00 GMT

Hand-Picked Top-Read Stories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

What Happened To The Internet Archive?

Trending Tags

Threat Advisories

Palo Alto Recommends Urgent Mitigation For Authentication Bypass Vulnerability in PAN-OS

Weekly Top 10: 11.18.2024: Microsoft Exchange Adds Warning to Emails Abusing Spoofing Flaw; Evasive ZIP Concatenation: Trojan Targets Windows Users; Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 89 Flaws, and More.

Weekly Top 10: 11.11.2024: Veeam Backup Exploit Used by Frag Ransomware; North Korean Hackers Use macOS Malware to Steal Crypto; Palo Alto PAN-OS May be Vulnerable to RCE, and More.

Weekly Top 10: 11.04.2024: Android Malware ‘FakeCall’ Hijacks Outgoing Calls; PTZ Cameras Being Targeted Using Two Zero-Days; Hacker Group TeamTNT Targets Docker Environments, and More.

Weekly Top 10: 10.28.2024: Severe Flaws in E2EE Cloud Storage Platforms Used by Millions; ClickFix Tactic: The Phantom Meet; Firm Hacked After Accidentally Hiring North Korean Cyber Criminal, and More.

Weekly Top 10: 10.21.2024: North Korean Threat Actors Target ATMs; BianLian Claims Responsibility for Attack on Children’s Hospital; Hacker Behind the Infamous NPD Breach Arrested by Brazilian Authorities, and More.

Weekly Top 10: 10.14.2024: American Water Under Attack Forced to Shut Down Systems; Ukrainian National Pled Guilty to Involvement in Raccoon Stealer; 31 Million Accounts Leaked in Security Breach Against the Internet Archive, and More.

Weekly Top 10: 10.7.2024: When CUPS Runneth Over: The Threat of DDoS; Perfctl: A Stealthy Malware Targeting Millions of Linux Servers; WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks, and More.

Weekly Top 10: 9.30.2024: Critical Unauthenticated RCE Discovered in Linux; Meta Fined 91 Million Euros for Insecure Password Storage; Windows Vulnerable to Privilege Escalation Attack, and More.

Threat Advisories

Weekly Top 10: 9.16.2024: Phishing Pages Delivered Through Refresh HTTP Response Header; Progress LoadMaster Vulnerable to 10/10 Severity RCE Flaw; Microsoft Fixes Windows Smart App Control Zero-Day Exploited Since 2018, and More.

Weekly Top 10: 9.9.2024: Command Injection Vulnerability Discovered in Zyxel Routers; New Android Trojan Poses as Banking Applications; DrayTek Vulnerability Added to CISA’s KEV List, and More.

Weekly Top 10: 9.2.2024: Trend Micro Discovers Cryptojacking Attacks Targeting Atlassian Confluence Servers; Windows Downgrading Tool Publicly Available; BlackByte Ransomware Attacking VMware ESXi Servers, and More.

Weekly Top 10: 8.26.2024: Analyzing the Cthulhu Stealer Malware for macOS; PG_MEM: A Malware Hidden in the Postgres Processes; NUMOZYLOD Malware Distributed Through Popular Searches, and More.

Weekly Top 10: 8.19.2024: Net Suite E-Commerce Sites Leak Customer Information; Google Disrupts Iranian-Linked Hacking Campaigns; Russian InfoStealer Malware Campaign Mimics Legitimate Brands, and More.

Education

Protecting Microsoft Teams From Data Exfiltration – A Tactical DLP Rule

Anatomy of a Data Breach

OpenAI Cybersecurity Research

Breach Report: Healthcare

Analysis of GalComm Chrome Extension Malware