English News

NAME:WRECK vulnerabilities impact millions of smart and industrial devices

NAME:WRECK vulnerabilities impact millions of smart and industrial devices

Security researchers have found a new set of vulnerabilities that impact hundreds of millions of servers, smart devices, and industrial equipment. Called NAME:WRECK, the vulnerabilities have […]
Microsoft: Malware gang uses website contact forms for distribution

Microsoft: Malware gang uses website contact forms for distribution

Microsoft said today it spotted a cybercrime operation abusing contact forms on legitimate websites to target companies and their workers in attempts to infect them […]
2021 Industry Cyber-Exposure (ICER): Fortune 500 Report

2021 Industry Cyber-Exposure (ICER): Fortune 500 Report

Executive Summary As the world’s knowledge workers were driven home amid a pandemic and cases of ransomware ran rampant across the internet, measuring the world’s […]
Using Aviary to Analyze Post-Compromise Threat Activity in M365 Environments

Using Aviary to Analyze Post-Compromise Threat Activity in M365 Environments

Aviary is a new dashboard that CISA and partners developed to help visualize and analyze outputs from its Sparrow detection tool released in December 2020. […]
Visa Describes New Skimming Attack Tactics

Visa Describes New Skimming Attack Tactics

Visa’s Payment Fraud Disruption team reports that cybercriminals are increasingly using web shells to establish command and control over retailers‘ servers during payment card skimming […]
SAP and Onapsis Proactively Notify and Help Customers Protect Mission-Critical Applications from Active Cyber Threats

SAP and Onapsis Proactively Notify and Help Customers Protect Mission-Critical Applications from Active Cyber Threats

SAP and Onapsis today jointly released a cyber threat intelligence report providing actionable information on how malicious threat actors are targeting and potentially exploiting unprotected […]
Procurement Guidelines for Cybersecurity in Hospitals: New Online tool for a Customised Experience!

Procurement Guidelines for Cybersecurity in Hospitals: New Online tool for a Customised Experience!

The new tool helps healthcare organisations identify best practices in order to meet cybersecurity needs when procuring products or services. To facilitate the use of […]
What Really Caused Facebook’s 500M-User Data Leak?

What Really Caused Facebook’s 500M-User Data Leak?

Since Saturday, a massive trove of Facebook data has circulated publicly, splashing information from roughly 533 million Facebook users across the internet. The data includes […]
Emerging hacking tool ‚EtterSilent‘ mimics DocuSign, researchers find

Emerging hacking tool ‚EtterSilent‘ mimics DocuSign, researchers find

Hackers are using a new, malleable malicious document builder to run their criminal schemes, according to Intel 471 research published Tuesday. The document builder, known […]
SAP Bugs Under Active Cyberattack, Causing Widespread Compromise

SAP Bugs Under Active Cyberattack, Causing Widespread Compromise

Cyberattackers are actively exploiting known security vulnerabilities in widely deployed, mission-critical SAP applications, allowing for full takeover and the ability to infest an organization further. […]
European Institutions Were Targeted in a Cyber-Attack Last Week

European Institutions Were Targeted in a Cyber-Attack Last Week

A range of European Union institutions including the European Commission were hit by a significant cyber-attack last week. A spokesperson for the commission said that […]
533 Million Facebook Users‘ Phone Numbers and Personal Data Leaked Online

533 Million Facebook Users‘ Phone Numbers and Personal Data Leaked Online

In what’s likely to be a goldmine for bad actors, personal information associated with approximately 533 million Facebook users worldwide has been leaked on a […]
Cyber-enabled information operation targets Poland with radiological leak hoax

Cyber-enabled information operation targets Poland with radiological leak hoax

Malicious actors carried out operation after U.S. company announced plans to invest in Poland’s nuclear power program https://medium.com/dfrlab/cyber-enabled-information-operation-targets-poland-with-radiological-leak-hoax-28a5b1fb6776     […]
Feds say hackers are likely exploiting critical Fortinet VPN vulnerabilities

Feds say hackers are likely exploiting critical Fortinet VPN vulnerabilities

Exploits allow hackers to log into VPNs and then access other network resources. https://arstechnica.com/gadgets/2021/04/feds-say-hackers-are-likely-exploiting-critical-fortinet-vpn-vulnerabilities/     […]
New Security Signals study shows firmware attacks on the rise; here’s how Microsoft is working to help eliminate this entire class of threats

New Security Signals study shows firmware attacks on the rise; here’s how Microsoft is working to help eliminate this entire class of threats

Cybersecurity threats are always evolving, and today we’re seeing a new wave of advanced attacks targeting areas of computing that don’t have the protection of […]
Vulnerabilities in Single Sign-On services could be abused to bypass authentication controls

Vulnerabilities in Single Sign-On services could be abused to bypass authentication controls

SAML XML injection gives attackers free rein over user accounts, although hard-to-execute bug proves real-world threat is minimal   https://portswigger.net/daily-swig/vulnerabilities-in-single-sign-on-services-could-be-abused-to-bypass-authentication-controls   […]