-
MOVEit Transfer vulnerability is being exploited widely
PRIVACY PRIVACY Progress has discovered a vulnerability in file transfer software MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment, the company said in a security advisory. “A SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized…
-
MOVEit Transfer vulnerability appears to be exploited widely
PRIVACY PRIVACY Progress Software has discovered a vulnerability in its file transfer software MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment, the company said in a security advisory. “A SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to…
-
Insurers Predict $33bn Bill for Catastrophic “Cyber Event”
PRIVACY PRIVACY One-in-200 year event could stem from cloud, data breach or ransomware Read More
-
Chinese Phishing Gang “PostalFurious” Expands Campaign
PRIVACY PRIVACY Latest victims of smishing attacks are UAE residents Read More
-
Kaspersky Says it is Being Targeted By Zero-Click Exploits
PRIVACY PRIVACY Possible US campaign began in 2019 Read More
-
CIS Controls Ambassador Spotlight: Tony Krzyzewski
PRIVACY PRIVACY Tony Krzyzewski has done a lot to support cyber defense as an ambassador and volunteer in the CIS Controls Community. Hear his story. Read More
-
Online Banking – The Safe Way
PRIVACY PRIVACY If you’ve got teens, then no doubt you’ve received the SOS texts. ‘Mum, I need a haircut, can you just spot me $30?’ or ‘I’ve just finished footy and I’m starving, can you transfer me some money?’. Where would the modern parent be without online banking? How did our non-digital forefathers ever cope??…
-
Decade-old critical vulnerability in Jetpack patched on millions of WordPress websites
PRIVACY PRIVACY Jetpack. an extremely popular WordPress plugin that provides a variety of functions including security features for around five million websites, has received a critical security update following the discovery of a bug that has lurked unnoticed since 2012. Read more in my article on the Tripwire State of Security blog. Read More
-
Horabot Campaign Targets Spanish-Speaking Users in the Americas
PRIVACY PRIVACY Cisco Talos said the threat actor behind the campaign is believed to be located in Brazil Read More
-
Ask Fitis, the Bear: Real Crooks Sign Their Malware
PRIVACY PRIVACY Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to…