Specialists at Security Research Labs (SRLabs) have developed a decryptor, the Black Basta Buster, which exploits a vulnerability in the encryption algorithm of the Black Basta ransomware program, enabling victims to recover their files...
Eagers Automotive, a leading car dealer in Australia and New Zealand, announced the suspension of trading on the stock exchange following a recent cyberattack. The company operates over 300 sales outlets of renowned brands...
According to a report presented by CloudSEK, a new hacking method enables hackers to exploit the OAuth 2.0 authorization protocol functionality to compromise Google accounts. This technique maintains valid sessions by regenerating cookie files,...
On the eve of the Christmas festivities, the Ohio Lottery fell victim to a cyberattack, disrupting several internal information systems. Hackers infiltrated the corporate network, encrypting data and causing disruptions in customer service. Despite...
In June this year, cybersecurity firm Kaspersky released a public report stating that iPhones used by some of its employees were compromised. The attackers employed multiple sophisticated zero-click vulnerabilities, infecting iPhones and achieving persistent...
Fidelity National Financial, a major player in the real estate insurance sector, encountered a cybersecurity incident. Its subsidiary, LoanCare, a leading provider of loan servicing solutions, reported the data breach of 1,316,938 individuals following...
Patients of Integris Health in Oklahoma are receiving extortionate emails, claiming their data has been stolen due to a cyberattack on the healthcare network, with threats to sell the data to other cybercriminals unless...
Apache OFBiz offers a comprehensive suite of tools for ERP, CRM, E-Commerce, and more. Hailed for its open-source nature and part of the esteemed Apache Software Foundation, OFBiz has been a top choice for...
A new zero-day vulnerability in Barracuda Networks’ Email Security Gateway (ESG) has been disclosed. The vulnerability, identified as CVE-2023-7102, stems from the open-source third-party library, Spreadsheet::ParseExcel, used in ESG’s malware protection features. This issue...
In the complex domain of cybersecurity, the emergence of RetSpill marks a significant shift in the landscape of Linux kernel exploitation. This ingenious technique exploits the kernel’s design to escalate privileges, bypassing multiple layers...
In the ever-evolving landscape of cybersecurity, a new attack technique named “SMTP Smuggling” has emerged, posing a significant threat to the integrity of email communications. Discovered by Timo Longin, in collaboration with SEC Consult,...
In the realm of Linux and UNIX operating systems, the “sudo” command is a cornerstone of system administration, allowing users to execute commands with superuser privileges. However, the discovery of CVE-2023-7090 has cast a...
Deepin Linux has long been celebrated for its aesthetics and user-friendliness, especially among open-source enthusiasts. Developed by a Chinese team, it has earned a reputation for being one of the most visually appealing Linux...
Details have emerged about a now-patched security vulnerability in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. The vulnerability is tracked under the CVE identifier...
Apache Airflow, the backbone of countless workflow pipelines, has encountered unwelcome turbulence. Four security vulnerabilities, collectively known as CVE-2023-47265, CVE-2023-49920, CVE-2023-50783, and CVE-2023-48291, have landed in the Airflow ecosystem, putting your workflows and data...
As an HTML5 web application, Apache Guacamole deftly bridges the gap between users and remote desktop environments, employing protocols like VNC or RDP. Beyond its immediate functionality, Guacamole underpins a broader project, offering an...
