Authorities Fully Behead Hydra Dark Marketplace
The popular underground market traded in drugs, stolen data, forged documents and more — raking in billions in Bitcoin. Continue reading Authorities Fully Behead Hydra Dark Marketplace
Category Archives: Web Security
Apple Rushes Out Patches for 0-Days in MacOS, iOS
The vulnerabilities could allow threat actors to disrupt or access kernel activity and may be under active exploit.
Continue reading Apple Rushes Out Patches for 0-Days in MacOS, iOS
Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks
Ghostwriter is one of 3 campaigns using war-themed attacks, with cyber-fire coming in from government-backed actors in China, Iran, North Korea & Russia. Continue reading Belarusian ‘Ghostwriter’ Actor Picks Up BitB for Ukraine-Related Attacks
QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug
QNAP is warning clients that a recently disclosed vulnerability affects most of its NAS devices, with no mitigation available while the vendor readies a patch.
Continue reading QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug
A Blockchain Primer and a Bored Ape Headscratcher – Podcast
Mystified? Now’s the time to learn about cryptocurrency-associated risks: Listen to KnowBe4’s Dr. Lydia Kostopoulos explain blockchain, NFTs and how to stay safe. Continue reading A Blockchain Primer and a Bored Ape Headscratcher – Podcast
Critical RCE Bug in Spring Could Be the Next Log4Shell, Researchers Warn
The so-called ‘Spring4Shell’ bug has cropped up, so to speak, and could be lurking in literally millions of Java applications. Continue reading Critical RCE Bug in Spring Could Be the Next Log4Shell, Researchers Warn
Cyberattackers Target UPS Backup Power Devices in Mission-Critical Environments
The active attacks could result in critical-infrastructure damage, business disruption, lateral movement and more. Continue reading Cyberattackers Target UPS Backup Power Devices in Mission-Critical Environments
Lapsus$ ‘Back from Vacation’
Lapsus$ added IT giant Globant plus 70GB of leaked data – including admin credentials for scads of customers’ DevOps platforms – to its hit list.
Continue reading Lapsus$ ‘Back from Vacation’
Google Chrome Bug Actively Exploited as Zero-Day
The internet giant issued an update for the bug, which is found in the open-source V8 JavaScript engine. Continue reading Google Chrome Bug Actively Exploited as Zero-Day
MSHTML Flaw Exploited to Attack Russian Dissidents
A Ukrainian-based threat actor is spearphishing Russians who are using services that have been banned by the Kremlin.
Continue reading MSHTML Flaw Exploited to Attack Russian Dissidents