+84949482065
The Android banking Trojan Vultur has reached a total of more than 100,000 downloads on the Google Play Store, says a new advisory from cybersecurity experts at Cleafy. The dropper hides…
Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view,…
Fluentd collects events from various data sources and writes them to files, RDBMS, NoSQL, IaaS, SaaS, Hadoop and so on. A remote code execution (RCE) vulnerability in non-default configurations of…
An improper handling of malformed request vulnerability [CWE-228] exists in FortiADC 5.0 all versions, 6.0.0 all versions, 6.1.0 all versions, 6.2.0 through 6.2.3, and 7.0.0 through 7.0.2. This may allow…
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to…
Financial service providers, such as banks and credit card companies, use a vast amount of APIs, which makes them an attractive target for threat actors. That’s why API security is…
Microsoft has fixed an authentication bypass vulnerability in Jupyter Notebooks for Azure Cosmos DB. Microsoft says that the missing authentication checks issue was introduced in August. Researchers from Orca reported…
Numerous news sites across the US are serving up malware, according to Proofpoint Threat Research. The issue appears to be a supply chain attack: the attackers targeted a content and…
Mondelez International has settled a lawsuit it brought against the Zurich American Insurance Company for the insurer’s refusal to pay a $100 million claim over a cyberattack. Mondelez International’s IT…
A new Magniber campaign was found delivering fake Windows 10 and antivirus software updates to target home users, while staying undetected. Post-encryption the attackers demand a ransom of up to…
