Collaborate Disseminate
Security researchers tracking a known pre-authentication remote code execution vulnerability in Zoho’s ManageEngine products are warning organizations to brace for “spray and pray” attacks across the internet.
read more Continue reading Researchers: Brace for Zoho ManageEngine ‘Spray and Pray’ Attacks
A series of vulnerabilities affecting industrial routers made by InHand Networks could allow hackers to bypass security systems and gain access to internal operational technology (OT) networks from the internet.
read more Continue reading InHand Industrial Router Vulnerabilities Expose Internal OT Networks to Attacks
Canadian liquor distributor Liquor Control Board of Ontario (LCBO) has announced that a web skimmer injected into its online store was used to steal users’ personal data.
read more Continue reading Website of Canadian Liquor Distributor LCBO Infected With Web Skimmer
The US Department of Defense (DoD) is getting ready to launch the third installment of its ‘Hack the Pentagon’ bug bounty program, which will focus on the Facility Related Controls System (FRCS) network.
read more Continue reading Hack the Pentagon 3.0 Bug Bounty Program to Focus on Facility Control Systems
Software development service CircleCI has revealed that a recently disclosed data breach was the result of information stealer malware being deployed on an engineer’s laptop.
The incident was initially disclosed on January 4, when CircleCI urged custom… Continue reading CircleCI Hacked via Malware on Employee Laptop
A hacktivist group has made bold claims regarding an attack on an industrial control system (ICS) device, but industry professionals have questioned their claims.
read more Continue reading Cybersecurity Experts Cast Doubt on Hackers’ ICS Ransomware Claims
A top U.S. intelligence official on Thursday urged Congress to renew sweeping powers granted to American spy agencies to surveil and examine communications, saying they were critical to stopping terrorism, cyberattacks and other threats.
read more Continue reading NSA Director Pushes Congress to Renew Surveillance Powers
Most internet-exposed Cacti installations have not been patched against a critical-severity command injection vulnerability that is being exploited in attacks.
read more Continue reading Most Cacti Installations Unpatched Against Exploited Vulnerability
Security researchers are observing exploitation attempts targeting a critical Control Web Panel (CWP) vulnerability, following the publication of proof-of-concept (PoC) code in early January.
read more Continue reading Exploitation of Control Web Panel Vulnerability Starts After PoC Publication
The first round of security advisories published by Juniper Networks for 2023 cover hundreds of vulnerabilities that have been patched in the networking giant’s products.
read more Continue reading Juniper Networks Kicks Off 2023 With Patches for Over 200 Vulnerabilities