Security shops among the 'hundreds' of Klue hack victims
As yet another extortion crew Icarus exploits Salesforce-linked integrations
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
As yet another extortion crew Icarus exploits Salesforce-linked integrations
Last time: Beijing-backed snoops and ransomware crims. Who's next? Unknown baddies are abusing yet another critical Microsoft SharePoint bug to compromise victims' SharePoint servers, the US government warned.…
Clop's Oracle EBS exploit spree shows no sign of slowing, claims nearly 30 more casualties in media, finance, and tech. Digital engineering outfit GlobalLogic says personal data from more than 10,000 current and former employees was exposed in the wave of Oracle E-Business Suite (EBS) attacks attributed to the Clop ransomware gang. The Hitachi-owned biz joins a growing roster of high-profile victims that also now includes The Washington Post and Allianz UK.…
Experts warn not to take leaks lightly as years-long compromises could remain undetected Thousands of email addresses included in the Belsen Group's dump of FortiGate configs last week are now available online, revealing which organizations may have been impacted by the 2022 zero-day exploits.…
No malware crew linked to this latest red-teaming tool yet Attackers are using Splinter, a new post-exploitation tool, to wreak havoc in victims' IT environments after initial infiltration, utilizing capabilities such as executing Windows commands, stealing files, collecting cloud service account info, and downloading additional malware onto victims' systems.…
Write better code, urges Jen Easterly. And while you're at it, give crime gangs horrible names like 'Evil Ferret' Software suppliers who ship buggy, insecure code need to stop enabling cyber criminals who exploit those vulnerabilities to rob victims, Jen Easterly, boss of the US government's Cybersecurity and Infrastructure Security Agency, has argued.…
'I want to buy a car. That's all' Crooks are exploiting month-old OpenMetadata vulnerabilities in Kubernetes environments to mine cryptocurrency using victims' resources, according to Microsoft.…
WPA stands for will-provide-access, if you can successfully exploit a target's setup A vulnerability identified in at least 55 Wi-Fi router models can be exploited by miscreants to spy on victims' data as it's sent over a wireless network.…
Google Project Zero blows lid off bug involving that old chestnut: XML parsing Zoom has fixed a security flaw in its video-conferencing software that a miscreant could exploit with chat messages to potentially execute malicious code on a victim's device.…
Fake Oracle and Disney job ads to lure victims is certainly an interesting choice Google on Thursday described how it apparently caught and thwarted North Korea's efforts to exploit a remote code execution vulnerability in Chrome.…