An anonymous reader quotes a report from TechCrunch: A government watchdog has published a scathing rebuke of the Department of the Interior’s cybersecurity posture, finding it was able to crack thousands of employee user accounts because the departmen…
Threat actors are targeting organizations in the Australian healthcare sector with the Gootkit malware loader. Trend Micro researchers warn that Gootkit Loader is actively targeting the Australian healthcare industry. The experts analyzed a series of attacks and discovered that Gootkit leveraged SEO poisoning for its initial access and abused legitimate tools like VLC Media Player. […]
The post Gootkit Loader campaign targets Australian Healthcare Industry appeared first on Security Affairs.
Microsoft’s first Patch Tuesday of 2023 addresses 98 vulnerabilities, more than twice as many as last month – including one zero-day flaw that’s being actively exploited, as well as 11 critical flaws. The zero-day, CVE-2023-21674, is a Windows Advanced Local Procedure Call (ALPC) elevation of privilege vulnerability with a CVSS score of 8.8. The flaw, […]
The post Microsoft Patch Tuesday Fixes 11 Critical Vulnerabilities, One Zero-Day appeared first on eSecurityPlanet.
Academic researchers have discovered serious vulnerabilities in the core of Threema, an instant messenger that its Switzerland-based developer says provides a level of security and privacy “no other chat service” can offer. From a report: Despite the u…
The Iranian intelligence ministry says former defense ministry employee Alireza Akbari convicted of spying for Britain has been sentenced to death.
By Habiba Rashid
The Dark Pink APT group has been targeting countries in the APAC region.
This is a post from HackRead.com Read the original post: Espionage Meets Color: Dark Pink APT Group Revealed
SweepWizard, an app that law enforcement used to coordinate raids, left sensitive information about hundreds of police operations publicly accessible.
The training covers Docker, Splunk and AWS as you work toward CCSP certification.
The post Explore information security with 97% off this huge course bundle appeared first on TechRepublic.
This CIPL-Cisco research report offers insights into the material business benefits that organizations are realizing from their Data Privacy Management Programs
US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The first issue, tracked as CVE-2022-41080, is a Microsoft Exchange server privilege escalation vulnerability. The issue can be chained with CVE-2022-41082 (ProxyNotShell) to […]
The post US CISA adds MS Exchange bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog appeared first on Security Affairs.