Code-Injection Bugs Bite Google, Apache Open-Source GitHub Projects
Two of the most popular open-source ventures have identified several weaknesses, Google and Apache. The vulnerabilities may be used to access various proprietary information stealthily and provide access to lateral movement in a firm. Moreover, the glitch may be used...
2022: Ransomware Attacks Are on the Rise
Cyberspace has enjoyed relative peace over the past few years due to a significant decline in ransomware attacks. This tranquility may be attributed to the combined efforts of several international intelligence agencies and various tech companies to eradicate...
Zero-Day Vulnerability Exploited to Hack Over 1,000 Zimbra Email Servers
Hackers use a zero-day vulnerability in Zimbra to inject a malicious payload onto vulnerable webmail servers using the PGP decryption exploit they ported during a recent Black Hat 2022 conference. To take control of the victim's email account, the hacker would first...
Zeppelin Ransomware Resurfaces with New Compromise
A Zeus variant that first surfaced in August 2016 called Zeppelin has resurfaced and is now being used to compromise Web servers to distribute its payload. The threat researchers at Forcepoint Security Labs said they first started seeing new Zeppelin malware samples...
DEF CON returns with “Hacker Homecoming”
Organizers of DEF CON, the world's largest hacker conference, have announced a date for its 20th anniversary in Las Vegas. The event took place from August 7 to August 10, just after Black Hat USA in a move organizers say will allow both events to grow and be...
SOC 2 Readiness Assessment: All You Need to Know
Blog You’ve heard about SOC 2 audits, and you’re scrambling to ensure your organization is ready for this significant compliance task. Many must realize that the real work starts before even calling in a certified auditor with an efficient SOC 2 readiness...
All you need to know about SOC 2 audits
Blog A SOC 2 Audit is a set of guidelines and standards that’s been around for many years. It was originally intended as a voluntary standard to promote customer privacy protection but has since evolved into a key criterion in any thorough evaluation of...
Sneaky Orbit Malware Backdoors Linux Devices
Researchers have discovered a devious malware for Linux: backdooring devices and stealing data. The malware can alter the overall functioning of any device that it gets into. Popularly known as Orbit, the malware works differently from regular Linux threats. The...
The U.S. Health Organizations Targeted With Maui Ransomware
North Korea's state-sponsored ransomware operators have launched a campaign targeting healthcare organizations in the United States. This is according to an advisory issued by the Federal Bureau of Investigations (FBI) and the Infrastructure Security Agency (CISA)....
Vulnerabilities Found in Widely Used Robustel Industrial Routers
The Cisco Talos Threat Analytic and Research Unit has picked up several threats and vulnerabilities in the popularly used industrial cellular gateway IoT. The affected device, called the R1510, was created by a Chinese company called Robustel. The product is designed...