[ad_1] Thousands of Citrix Netscaler ADC and Gateway servers exposed online are likely vulnerable to a critical remote code execution (RCE) bug exploited by unauthenticated attackers in the wild as day zero. Security researchers from the Shadowserver Foundation, a non-profit…
blog
[ad_1] The private Microsoft encryption key stolen by Chinese hackers Storm-0558 gave them access well beyond the Exchange Online and Outlook.com accounts that Redmond believed were compromised, according to Wiz security researchers. Redmond revealed on July 12 that attackers hacked…
[ad_1] This edition of the Week in Ransomware covers the last two weeks of news, as we were unable to cover it last week, and includes quite a bit of new information, including the return of the Avaddon ransomware gang.…
[ad_1] The US government is warning that threat actors have hacked into the network of a US critical infrastructure organization after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical severity issue in NetScaler ADC and Gateway that…
[ad_1] The Clop ransomware gang is expected to make between $75 million and $100 million by extorting victims of their massive MOVEit data theft campaign. In a new report released today, Coveware explains that the number of victims paying ransoms…
[ad_1] The US Department of Justice and the Federal Trade Commission (FTC) announced that Amazon has agreed to pay a $25 million fine to settle alleged violations of children's privacy laws related to the company's Alexa voice assistant service. Amazon…
[ad_1] Threat actors penetrated the network of a US critical infrastructure organization after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical severity issue in NetScaler ADC and Gateway that Citrix patched this week. The Cybersecurity and Infrastructure…
[ad_1] VirusTotal apologized on Friday for leaking the information of more than 5,600 customers after an employee mistakenly uploaded a CSV file containing their information to the platform last month. The data leak only affected Premium account customers, with the…
[ad_1] GitHub warns of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gaming, and cybersecurity industries to infect their devices with malware. The campaign was linked to the North Korean state-sponsored Lazarus hacking group,…
[ad_1] Adobe has released an emergency ColdFusion security update that fixes critical vulnerabilities, including a fix for a new zero-day exploit in attacks. As part of today's out-of-band update, Adobe has patched three vulnerabilities: a critical RCE tracked as CVE-2023-38204…
