A nation-state threat actor gained access into an unclassified research and development network operated by MITRE, a non-profit that oversees key federal funded research and development centers for the U.S. government, the organization confirmed on Friday.
Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers unpatched since last summer with the goal of commandeering them into joining distributed denial-of-service attacks. Chinese router manufacture TP-Link in June patched a command injection vulnerability.
In the latest weekly update, ISMG editors discussed key insights on OT security from the Cyber Security for Critical Assets Summit in Houston, the implications of a critical Linux utility found to have a backdoor, and a CISO's perspective on comprehensive cloud security strategy.
As organizations embrace digital transformation, software security challenges have become increasingly complex. Adriana Freitas, director of the European Foundation Anti-Phishing Working Group, offers insights on the imperative role of DevSecOps in modern cybersecurity practices.
Nation-state attackers apparently backdoored widely used, open-source data compression software as part of a supply chain attack. Malicious code inserted into recent versions of XZ Utils was designed to facilitate full, remote access to an infected system.
Fresh zero-day vulnerabilities continue to be actively exploited in the wild by attackers, often for surveillance and espionage purposes, according to the latest annual review of in-the-wild exploits published by Google. In 2023, 97 new zero-days came to light, up from 62 in 2022.
A new type of denial-of-service threat can disrupt an estimated 300,000 internet hosts that are at risk of exploitation. Researchers at the CISPA Helmholtz Center for Information Security say attackers are using IP spoofing to entangle two servers in a perpetual communication loop.
Hackers who are possibly members of a criminal group affiliated with numerous ransomware-as-a-service operations are exploiting a directory traversal vulnerability in a Python library that allows unauthenticated remote attackers access to sensitive information from server files.
Advanced attackers increasingly feel the need for speed, lowering the time they spend lurking after they infiltrate networks before exfiltrating data and crypto-locking systems, experts warn in a review of top hacking strategies seen in 2023. Cue challenges for defenders.
Hackers are mass-exploiting a recently disclosed critical authentication bypass vulnerability in on-premises versions of TeamCity. JetBrains fixed the bugs in a Monday update, but researchers warn users running unpatched instances to assume compromise.
Apple pushed out an emergency security update for two critical zero-day flaws that attackers are using to carry out memory corruption attacks on iPhone and iPad devices. The tech giant's latest patch addressed its third zero-day vulnerability this year.
Two critical vulnerabilities affecting all on-premises versions of TeamCity servers can result in authentication bypass and path traversal, enabling an attacker to gain administrative privileges for a server and take it over. Users should prioritize patching now that the exploit is public.
A cyber threat actor is shifting tactics from conventional malware delivery to a targeted focus on acquiring NT LAN Manager authentication information to potentially collect sensitive data and perform other malicious actions. The campaigns have targeted hundreds of organizations globally.
A new report from the Office of the National Cyber Director calls for the universal adoption of memory-safe programming languages, but experts warned ISMG the process of overhauling legacy information technology and high-impact code can be daunting, costly and risky.
Corporate VPN maker Ivanti disputed findings by the U.S. cybersecurity agency that said hackers can establish persistence on rooted appliances through a factory reset but nonetheless released an updated integrity checking tool Tuesday. Ivanti has been in emergency response mode since early January.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.