An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
Quarter of All Gambling Sites Hit by DDoS Attacks in June
The attacks reportedly increased in conjunction with the start of the Wimbledon tennis tournament
Threat Group Ramps-Up Attacks on Travel Sector in 2022
Corporate and customer data at risk, warns Proofpoint
Researchers Find 35 Adware Apps on Google Play
Apps have millions of downloads, says Bitdefender
Suspected Russian Money Launderer Extradited to US
Man allegedly handled over $400,000 in Ryuk proceeds
The bloggings will continue … 2022-08-18 07:01:00
This blog is moving to a new home. Future blog postings will appear as if by magic at: https://secawareblog.blogspot.com/ To continue receiving this stuff, please update your bookmarks and blog aggregators accordingly. Rest assured…
CISA Warns of Hackers Exploiting Multiple Vulnerabilities in the Zimbra Collaboration Suite
The advisory was compiled by CISA with the Multi-State Information Sharing & Analysis Center
APT Lazarus Targets Engineers with macOS Malware
The North Korean APT is using a fake job posting for Coinbase in a cyberespionage campaign targeting users of both Apple and Intel-based systems.
RubyGems Mandates MFA for Top-100 Package Maintainers
The package manager started enforcing MFA on owners of gems with over 180 million total downloads
Organizations Struggle to Fend Off Cloud and Web Attacks
The study queries more than 950 IT and security professionals across the Americas, EMEA and APAC