Information Security News Blog
Veeam is urging all users of Veeam Backup Enterprise Manager to update their software to the latest version due to the discovery of a critical vulnerability that allows attackers to bypass authentication safeguards. Veeam...
GitHub has released patches to address a critical vulnerability in GitHub Enterprise Server (GHES) that could allow attackers to bypass authentication systems. The vulnerability, identified as CVE-2024-4985 with a maximum CVSS rating of 10.0,...
The LockBit group has claimed responsibility for the cyberattack on the Canadian pharmacy chain London Drugs and is now threatening to release the stolen data following unsuccessful negotiations. The cyberattack on April 28 forced...
Experts at Elastic Security Labs and Antiy have uncovered a new cryptocurrency mining campaign codenamed REF4578, wherein the GhostEngine malware exploits vulnerable drivers to disable antivirus programs and deploy the XMRig miner. Elastic Security...
Researchers at Recorded Future recently discovered that the creators of the SolarMarker malware have developed a multi-layered infrastructure to complicate efforts by law enforcement. “The core of SolarMarker’s operations is its layered infrastructure, which...
During a security audit of the QTS operating system, used in QNAP’s NAS products, fifteen vulnerabilities of varying severity were identified. Notably, eleven of these vulnerabilities remain unpatched. Among the discovered issues, CVE-2024-27130 stands...
In the era of big data, training Vision Transformer (ViT) models on extensive datasets has become the standard for enhancing performance in various AI tasks. Visual Prompts (VP), which introduce task-specific parameters, allow efficient...
According to a report by Insikt Group, cybercriminals are exploiting GitHub and FileZilla to deliver infostealers and trojans disguised as macOS applications such as 1Password, Bartender 5, and Pixelmator Pro. The campaign has been...
The United States Cybersecurity and Infrastructure Security Agency (CISA) included a vulnerability affecting Mirth Connect from NextGen Healthcare in its Known Exploited Vulnerabilities (KEV) catalog last Monday, May 20. The vulnerability, designated CVE-2023-43208, involves...
The cybersecurity world is alarmed by new devastating attacks targeting Israel and Albania. These attacks are orchestrated by an Iranian group affiliated with the Ministry of Intelligence and Security (MOIS). Check Point Research specialists...
OmniVision, a renowned manufacturer of image sensors utilized in numerous smartphone cameras worldwide, has announced a data security breach following a ransomware attack. The company’s headquarters are located in California, and in 2023, it...
Since the beginning of March this year, cybersecurity researchers have observed a sharp increase in phishing campaigns aimed at distributing a new malware loader, Latrodectus, considered the successor to IcedID. Experts from Elastic Security...