Major Disruption of Grandoreiro Malware Operatives in Brazil In a significant law enforcement operation in Brazil, authorities have arrested several individuals linked to the notorious Grandoreiro banking malware. The Federal Police of Brazil announced that they executed five temporary arrest warrants along with 13 search and seizure warrants across multiple…
A significant extortion campaign has emerged, targeting various organizations by exploiting publicly accessible environment variable files (commonly ending in .env) that contain sensitive credentials for cloud and social media applications. This alarming trend underscores the vulnerabilities in data security practices across industries. According to a report by Palo Alto Networks’…
Recent investigations have uncovered a significant cybersecurity vulnerability affecting approximately 15,000 applications that utilize Amazon Web Services’ (AWS) Application Load Balancer (ALB) for authentication purposes. This configuration issue could enable malicious actors to bypass access controls, thereby compromising the security of these applications. The research, conducted by the Israeli cybersecurity…
Security Flaws Discovered in Rockwell Automation’s PanelView Plus Could Lead to Remote Attacks Recent disclosures have unveiled two critical security vulnerabilities in Rockwell Automation’s PanelView Plus systems, which could potentially allow remote, unauthenticated attackers to execute arbitrary code or trigger denial-of-service (DoS) conditions. This revelation, made by Microsoft security teams,…
Microsoft has announced the release of security patches addressing a staggering 143 vulnerabilities as part of its latest monthly updates. Among these issues, two have been confirmed to be actively exploited, heightening concerns for organizations relying on Microsoft software. The updates, which categorize five vulnerabilities as Critical, 136 as Important,…
For the first time in its history, the U.S. Department of Justice (DOJ) has publicly acknowledged the significant contribution of Amazon Web Services (AWS) in the arrest of two individuals linked to the hacking collective known as Anonymous Sudan. This group has been implicated in a series of disruptive denial-of-service…
Vulnerabilities Discovered in SAP AI Core Threaten Cloud Security Recent research has identified significant security vulnerabilities within the SAP AI Core platform, a cloud-based solution designed to facilitate the creation and deployment of predictive artificial intelligence workflows. These flaws potentially allow malicious actors to gain unauthorized access to sensitive customer…
Data Breach Exposes Millions of Hotel Customers’ Sensitive Information A significant data breach at Prestige Software, a provider of hotel reservation systems, has potentially compromised the sensitive information of millions of hotel customers. The breach was uncovered by cybersecurity research firm Website Planet, which reported that the company’s Cloud Hospitality…
A recently identified vulnerability in GitHub Actions artifacts, referred to as ArtiPACKED, poses significant risks to repository security and organizational cloud operations. This attack vector could allow malicious entities to gain unauthorized control over repositories and infiltrate cloud environments associated with these repositories. The vulnerability results from a mix of…
