A Mirai-based botnet called ‘Moobot’ is spreading aggressively by exploiting a critical command injection flaw in the webserver of many Hikvision products. Hikvision is a state-owned...
Cybercriminals continue to evolve their tactics, developing more sophisticated ways to persistently target the global payments ecosystem. With the disruption of Joker’s Stash, Emotet, Netwalker, Egregor,...
Telos Corporation released new findings from research conducted by independent research firm Vanson Bourne that examines how financial services are faring with the ever-increasing challenge of...
Salt Security released new API threat research from Salt Labs that highlights a GraphQL API authorization vulnerability in a B2B financial technology (FinTech) platform. The findings,...
Burnout levels have risen throughout the COVID-19 pandemic. Employees in every industry are reporting burnout, which may lead to apathy and more security risks. In response...
The new Federal Information Security Modernization Act guidance also prioritizes security testing and doubles down on CISA’s Continuous Diagnostics and Mitigation program. The Office of Management...
Attackers could have modified the nameservers of any domain under Tonga’s country code top-level domain (ccTLD) due to a vulnerability in the TLD registrar’s website, security...
A drive-by remote code execution (RCE) vulnerability in Windows 10 that can be triggered simply by clicking a malicious URL could allow attackers full access to...
Developers have resolved a series of vulnerabilities in storage technologies from Kaseya, including two critical flaws that each posed a remote code execution risk. Two unauthenticated SQL injection...
A vulnerability in Jamf Pro, a popular mobile device management (MDM) platform for Apple devices, allowed attackers to stage server-side request forgery (SSRF) attacks on the application’s servers,...