Data leaks containing Aadhaar IDs in India was caused by the insecurity of 3rd parties while aggregating such information for KYC. According to Resecurity, a global cybersecurity provider protecting Fortune 500 companies and governments globally, one of the key issues…
MITRE ATT&CK v14 released
MITRE has released MITRE ATT&CK v14, the newest iteration of its popular investigation framework / knowledge base of tactics and techniques employed by cyber attackers. MITRE ATT&CK v14 ATT&CK’s goal is to catalog and categorize behaviors of cyber adversaries in…
HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability
Cybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. “In both instances, the adversary attempted to deploy ransomware binaries on…
FIRST Announces CVSS 4.0 – New Vulnerability Scoring System
The Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after the release of CVSS v3.0 in June 2015. “This latest version of CVSS…
Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover
As many as 34 unique vulnerable Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. “By exploiting…
Iran’s MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent. Cybersecurity firm Deep Instinct, which disclosed details of the attacks, said the…
SaaS Security is Now Accessible and Affordable to All
This new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique “freemium” model Securing employees’ SaaS usage is becoming increasingly crucial for most cloud-based organizations. While numerous tools are available to address…
Forrester: GenAI Will Lead to Breaches and Fines in 2024
Analyst warns that risks of using the technology will become apparent This article has been indexed from www.infosecurity-magazine.com Read the original article: Forrester: GenAI Will Lead to Breaches and Fines in 2024
CVSS 4.0 Released – Next Generation Common Vulnerability Scoring System
The Common Vulnerability Scoring System (CVSS) is an open framework for communicating the characteristics and severity of software… The post CVSS 4.0 Released – Next Generation Common Vulnerability Scoring System appeared first on Hackers Online Club (HOC). This article has…
What Gen Z really cares about when it comes to privacy
It would be easy to think that Gen Z doesn’t care about privacy. It’s not that, though, they just care about privacy in a different way to older generations. This article has been indexed from Malwarebytes Read the original article:…
Uncovering Prolific Puma, Massive Domain Generator & URL Shortener
Hackers can exploit Massive Domain Generator and URL Shortener services by creating large numbers of deceptive or malicious domains and using URL shorteners to hide the true destination of links. This can be used for the following illicit purposes:- Recently,…
Who is behind the Mozi Botnet kill switch?
Researchers speculate that the recent shutdown of the Mozi botnet was the response of its authors to the pressure from Chinese law enforcement. ESET researchers speculate that the recent shutdown of the Mozi botnet was the result of its operators’…