Fortra has disclosed a significant security vulnerability in FileCatalyst Workflow that could allow remote attackers to obtain administrative access. This flaw, designated as CVE-2024-6633, holds a critical CVSS score of 9.8, primarily due to the software’s reliance on a static password for its HSQL database connection. In their advisory, Fortra…
Recent cybersecurity investigations have unveiled a sophisticated approach employed by threat actors, who are utilizing swap files on compromised websites to facilitate the operation of a persistent credit card skimmer designed to capture sensitive payment information. Security firm Sucuri identified this method on the checkout page of a Magento e-commerce…
Cybersecurity Risks Loom Over Streaming Services Amid Recent Breaches Streaming platforms, including industry leaders like Netflix, as well as niche services such as Crunchyroll, are confronting significant cybersecurity threats. In a landscape that has evolved rapidly, these services find themselves increasingly vulnerable to various forms of cyberattacks. Common attacks such…
Malicious Actors Exploit AVTECH IP Camera Vulnerability in Botnet Campaign A significant cybersecurity threat has emerged as a long-standing high-severity vulnerability in AVTECH IP cameras has been exploited by cybercriminals. Known as CVE-2024-7029, this flaw, which has a CVSS score of 8.7, is categorized as a command injection vulnerability associated…
SaaS Security: Understanding the Risks and Solutions In the rapidly evolving landscape of business operations, Software as a Service (SaaS) applications have become indispensable. These applications host a vast array of sensitive data critical for various functions, including human resources, finance, marketing, and product development. However, despite the inherent advantages…
Binance, a prominent cryptocurrency exchange platform, has issued a significant warning about Clipper Malware, a sophisticated threat that enables cyber actors to modify users’ wallet addresses. This type of manipulation can result in the unauthorized transfer of digital assets, effectively diverting funds away from intended recipients. The warning is particularly…
A significant data breach has recently impacted financial institutions across Latin America, with investigations suggesting that the incident may stem from a vulnerability linked to a popular fintech application. CyberNews.com reports that sensitive information from various financial organizations has been compromised, raising alarms about the security measures in place within…
New ICS-Focused Malware Discovered Targeting Ukrainian Energy Firm Cybersecurity experts have identified a new strain of malware, named FrostyGoop, which is the ninth known type specifically designed for Industrial Control Systems (ICS). This malware has been implicated in a disruptive cyberattack against an energy company in Lviv, Ukraine, which took…
Shift in Russian Cyber Operations Targeting Ukraine’s Defense Sector Recent insights from Ukraine’s State Service of Special Communications and Information Protection (SSSCIP) indicate a major strategic shift in Russian cyber activities, particularly in the first half of 2024. This alteration in tactics reflects a transition from broad-spectrum attacks to a…
