Apple’s secret is out: 3 zero-days fixed, so be sure to patch now!
All Apple users have zero-days that need patching, though some have more zero-days than others.
Vulnerability
Researchers Uncovered Notorious QakBot Malware C2 Infrastructure
Tam Cymru researchers have recently revealed noteworthy patterns and irregularities from their continuous monitoring of QakBot’s command and control infrastructure. The researchers shared high-level insights into the findings, shedding ligh…
Cisco fixes critical flaws in Small Business Series Switches
Nine vulnerabilities – 4 of them critical – have been found in a variety of Cisco Small Business Series Switches. PoC exploit code is available (but not public), and there is no indication that they are being exploited in the wild. About th…
PaperCut vulnerability abused by several threat actors could impact 70,000 organizations
Get technical details about how the cybercriminals are targeting this vulnerability, who is impacted, and how to detect and protect against this security threat.
The post PaperCut vulnerability abused by several threat actors could impact 70,000 organi…
Lancefly APT Hackers Using Custom Backdoor to Attack Government Orgs
The cybersecurity researchers at Symantec Threat Labs recently discovered APT hacking group has been utilizing the specialized ‘Merdoor’ backdoor malware to conduct precise and prolonged attacks on the following sectors in South and Southea…
Insurance Industry Suffers 12x More Cyber Attacks
The Insurance industry was the most targeted sector in Q1, 2023, according to Indusface’s State of Application Security report, with 12 times more attacks than any other sector. Another report from the same year reveals that the insurance industry witn…
Ferrari Website Flaw Exposes Their Database Credentials
Based on the recent report from char49, it appears that there was a critical flaw in Ferrari’s subdomain, which led to an arbitrary file read vulnerability. The vulnerability existed in the media.ferrari.com subdomain using a vulnerable WordPress plugi…
Advantech’s industrial serial device servers open to attack
Three vulnerabilities in Advantech’s EKI series of serial device servers could be exploited to execute arbitrary commands on the OS level. Source: CyberDanube The vulnerabilities Serial device servers are networking devices that “network-en…
CISA: Several Old Linux Vulnerabilities Exploited in Attacks
Several old Linux vulnerabilities for which there are no public reports of malicious exploitation have been added to CISA’s KEV catalog.
The post CISA: Several Old Linux Vulnerabilities Exploited in Attacks appeared first on SecurityWeek.
1Password Confirms No Security Breach After “Password Changed” Alerts Panicked Users
The password management service 1Password assured users of no security breach after accidentally sending “Secret…
1Password Confirms No Security Breach After “Password Changed” Alerts Panicked Users on Latest Hacking News | Cyber Security News, H…