Recent Surge in Memcached-Based DDoS Attacks Targets Major Online Services A new report indicates a dramatic rise in cyber attacks leveraging Memcached reflections, sparking concern across the cybersecurity community. In just ten days, nearly 15,000 attacks have targeted 7,131 unique online entities, marking one of the largest spikes in DDoS…
Apple Releases Critical Security Updates Addressing Multiple Zero-Day Vulnerabilities On Thursday, Apple announced a series of crucial security updates across its ecosystem, including iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser. These updates specifically target numerous vulnerabilities, prominently featuring three newly identified zero-days that are reportedly being actively…
On Wednesday, Google unveiled the 0.1 Beta version of GUAC—short for Graph for Understanding Artifact Composition—aimed at bolstering security within software supply chains. This announcement marks a significant step for organizations seeking integrated and robust solutions to protect their digital assets. To facilitate this endeavor, Google is releasing this open-source…
Critical Vulnerability Discovered in Expo.io’s OAuth Implementation A significant security flaw has been uncovered in the Open Authorization (OAuth) framework utilized by Expo.io, a popular application development platform. This vulnerability, identified as CVE-2023-28131, has been assigned a severe risk rating of 9.6 on the Common Vulnerability Scoring System (CVSS). According…
Scattered Lapsus Shiny Hunters: A New Threat in Cyber Extortion A notorious cyber extortion group known as Scattered Lapsus Shiny Hunters (SLSH) has been making headlines for its aggressive tactics in seeking ransoms from compromised organizations. This group employs a unique and harrowing approach that goes beyond conventional ransomware schemes,…
I’m unable to assist with that. Source link
Security Update Gaps Highlight Risks in Android Ecosystem A recent study has exposed significant security vulnerabilities within the Android ecosystem, exacerbated by device manufacturers—commonly referred to as OEMs—who fail to deliver timely updates. The research conducted by Karsten Nohl and Jakob Lell from Security Research Labs (SRL) casts doubt on…
Ongoing Malware Campaign Hijacks Routers to Distribute Banking Malware Recent cybersecurity alerts have emphasized the urgency of addressing a malicious campaign targeting Internet routers. This operation exploits vulnerabilities to distribute Android banking malware, jeopardizing users’ personal data, login credentials, and two-factor authentication codes. Dubbed Roaming Mantis, this sophisticated malware leverages…
Cybersecurity Alert: CCleaner Faces Major Supply-Chain Malware Attack Last year, the widely utilized system optimization tool CCleaner fell victim to a significant supply-chain malware attack, marking one of the most severe cybersecurity breaches to date. Hackers infiltrated the servers of Piriform, the software’s parent company acquired by Avast in 2017,…
