+84949482065
The MOVEit vulnerability was exploited against systems at some US federal agencies, according to Cybersecurity and Infrastructure Security Agency (CISA) executive assistant director for cybersecurity Eric Goldstein. CISA “is providing…
Progress Software has disclosed a new SQL injection vulnerability in MOVEit Transfer that could be exploited to gain elevated privileges. According to Progress, “MOVEit Cloud has been patched and fully…
An underground marketplace, called Exposed, leaked the personal details of around 478,000 RaidForums members due to a misconfigured database. Members who registered between March 2015 and September 2020 were affected…
Researchers are warning about CAPTCHA-breaking services that are being offered for sale on underground forums. These services can help attackers bypass security measures by confusing systems with bot traffic for…
Researchers at South Korea’s AhnLab Security Emergency Response Center (ASEC) have detected the North Korean state-sponsored Lazarus group exploiting vulnerable installations of Windows Internet Information Services (IIS) web servers to…
Texas-based food distributor Sysco has disclosed a data breach that exposed sensitive information about customers, employees, and business operations. In the “Other Information” section of a US Securities and Exchange…
Apple and Google have “jointly submitted a proposed industry specification to help combat the misuse of Bluetooth location-tracking devices for unwanted tracking.” The draft specification “outlines technical best practices for…
Google has rolled out support for passkeys on personal Google Accounts. When users create and use passkeys, they will no longer be prompted to provide passwords or to use two-factor…
Users are urged to update their PaperCut MF/NG print management software to fix a critical improper access control vulnerability that is being actively exploited. The flaw allows an attacker to…
VMware has released an update for its VMware Aria Operations for Logs, previously known as vRealize Log Insights, to address a pair of vulnerabilities. The flaws, a deserialization vulnerability and…
