group
-
A vulnerability was found in OpenX. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file admin/plugin-preferences.php. The manipulation of the argument group leads to path traversal. This vulnerability is known as CVE-2013-3514. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended…
-
A vulnerability has been found in OpenX and classified as critical. This vulnerability affects unknown code of the file admin/plugin-settings.php. The manipulation of the argument group leads to cross site scripting. This vulnerability was named CVE-2013-3515. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to apply a patch…
-
The research team at CYFIRMA has uncovered an alarming Android malware campaign attributed to the Indian advanced persistent The post Donot APT Group Targets Android Devices with Malicious Chat Apps appeared first on Cybersecurity News.
-
A vulnerability, which was classified as critical, was found in OpenSSH up to 8.7. Affected is an unknown function of the component Supplemental Group Handler. The manipulation leads to improper privilege management. This vulnerability is traded as CVE-2021-41617. The attack can only be initiated within the local network. There is no exploit available. It is…
-
WhatsApp has become an integral communication tool for millions worldwide. One of its prominent features is the read receipt, commonly known as the blue tick. This feature informs senders when their messages have been read. While convenient, there are times when you might want to maintain your privacy and disable the blue ticks—especially in group…
-
Researchers have discovered a critical flaw in Active Directory’s NTLMv1 mitigation strategy, where misconfigured on-premises applications can bypass Group Policy settings intended to disable NTLMv1. This vulnerability enables attackers to exploit the outdated authentication protocol. The bypass allows attackers to intercept NTLMv1 traffic, crack user credentials offline, and gain unauthorized access within the network that…
-
noyb files complaints against TikTok, AliExpress, and other Chinese companies for illegal EU user data transfers to China, violating data protection laws. Austrian privacy non-profit group None of Your Business (noyb) has filed complaints accusing companies like TikTok, AliExpress, SHEIN, Temu, WeChat, and Xiaomi of violating data protection regulations in the European Union by unlawfully…
-
Threat actors impersonating recruiters on LinkedIn provide targeted software developers with project tests and code reviews that redirect to malicious GitLab repositories that facilitate the distribution of modular information-stealing malware compatible with Windows, macOS, and Linux systems, a report from SecurityScorecard showed.
-
Attackers who trespassed on MIG’s computer environment may have compromised individuals’ full names and financial details, said the major Southeastern U.S. mortgage lending firm in a breach notice on its website that did not specify the nature of the intrusion and the number of customers affected by the incident.
-
Attackers who trespassed on MIG’s computer environment may have compromised individuals’ full names and financial details, said the major Southeastern U.S. mortgage lending firm in a breach notice on its website that did not specify the nature of the intrusion and the number of customers affected by the incident.
-
Key Findings The nearly $20 million Kongulai water plant, meant to provide clean water to the Solomon Islands capital, is moribund and over a year behind schedule. The project’s main funder, the Asian Development Bank, dismissed concerns from Solomon Islands officials. The contract was then awarded to an Indian joint venture with a history of…
-
Amateurish Ransomware Group Doubles as HackstivistsCybersecurity researchers discovered an artificial intelligence-driven ransomware group that emerged at the end of last year and compromised more than 85 victims worldwide. The group uses double extortion, combining data theft with encryption.
-
Amateurish Ransomware Group Doubles as HackstivistsCybersecurity researchers discovered an artificial intelligence-driven ransomware group that emerged at the end of last year and compromised more than 85 victims worldwide. The group uses double extortion, combining data theft with encryption.
-
Amateurish Ransomware Group Doubles as HackstivistsCybersecurity researchers discovered an artificial intelligence-driven ransomware group that emerged at the end of last year and compromised more than 85 victims worldwide. The group uses double extortion, combining data theft with encryption.
-
Researchers at Check Point said FunkSec operators appear to use AI for malware development
-
A vulnerability classified as problematic was found in Drupal Opigno Group Manager up to 3.1.0. This vulnerability affects unknown code. The manipulation leads to improper neutralization of directives in statically saved code (‘static code injection’). This vulnerability was named CVE-2024-13263. Access to the local network is required for this attack. There is no exploit available.…
-
Since 2013, the advanced persistent threat (APT) known as Kimsuky, which the North Korean government sponsors, has been actively conducting cyber espionage operations. It employs advanced malware, spearphishing, and social engineering tactics to infiltrate target networks and exfiltrate sensitive data, focusing on South Korea and other countries with strategic interests in the Korean Peninsula. A…
-
Mari Yamaguchi / Associated Press: Japan says Chinese hacking group MirrorFace is linked to 200+ cyberattacks from 2019 to 2024 targeting the country’s national security and advanced tech data — Japan on Wednesday linked more than 200 cyberattacks over the past five years targeting the country’s national security …
-
Amnesty International (AI) issued a call on Wednesday for the Pakistan government to cease its arbitrary detention and harassment of Afghan refugees and asylum seekers. This appeal comes in response to alarming reports of widespread abuses by law enforcement agencies, including night raids and the detention of hundreds of Afghan individuals, including vulnerable groups such…