Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to […]
Category: Cyber Security News
Keeper Security Introduces Bidirectional One-Time Sharing Feature to Its Password Manager Platform
Keeper Security has unveiled an update to its password management platform: Keeper’s upgraded One-Time Share. The new feature enables bidirectional, single-use encrypted sharing between Keeper […]
U.S. DoJ Seizes 4 Domains Supporting Cybercrime Crypting Services in Global Operation
A multinational law enforcement operation has resulted in the takedown of an online cybercrime syndicate that offered services to threat actors to ensure that their […]
‘Earth Lamia’ Exploits Known SQL, RCE Bugs Across Asia
A “highly active” Chinese threat group is taking proverbial candy from babies, exploiting known bugs in exposed servers to steal data from organizations in sensitive […]
FBI Warns of Filipino Tech Company Running Sprawling Crypto Scams
The US Treasury said cryptocurrency investment schemes like the ones facilitated by Funnull Technology Inc. have cost Americans billions of dollars annually. The original article […]
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges in Organizational Environments
A startling discovery by BeyondTrust researchers has unveiled a critical vulnerability in Microsoft Entra ID and Azure environments, where attackers can exploit lesser-known billing roles […]
Dadsec Hacker Group Uses Tycoon2FA Infrastructure to Steal Office365 Credentials
Cybersecurity researchers from Trustwave’s Threat Intelligence Team have uncovered a large-scale phishing campaign orchestrated by the notorious hacker group Storm-1575, also known as “Dadsec.” Since […]
Threat Actors Exploit Google Apps Script to Host Phishing Sites
The Cofense Phishing Defense Center has uncovered a highly strategic phishing campaign that leverages Google Apps Script a legitimate development platform within Google’s ecosystem to […]
New EDDIESTEALER Malware Bypasses Chrome’s App-Bound Encryption to Steal Browser Data
A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification […]
Attackers Exploit Microsoft Entra Billing Roles to Escalate Privileges
A recent discovery by security researchers at BeyondTrust has revealed a critical, yet by-design, security gap in Microsoft Entra ID that could allow external guest […]