Teenager Arrested Following Exploitation of Heartbleed Vulnerability in Canadian Cyber Breach A significant cybersecurity incident has led to the arrest of a 19-year-old individual in Canada, connected to a severe breach of the country’s taxpayer system. The Royal Canadian Mounted Police (RCMP) have charged Stephen Arthuro Solis-Reyes, from London, Ontario,…
Print management software provider PaperCut has issued a warning indicating that unpatched servers are being actively exploited in the wild. This alarming announcement follows two vulnerability reports from cybersecurity firm Trend Micro, which highlight significant security lapses within the PaperCut software. According to PaperCut, an analysis of customer reports revealed…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified and added three security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, highlighting concerns over active exploitation. These vulnerabilities pose significant risks to various systems and require immediate attention from cybersecurity professionals. The first vulnerability, CVE-2023-1389, carries a CVSS score…
New Ransomware CACTUS Exploits VPN Vulnerabilities in Ongoing Cyber Attacks Cybersecurity researchers have identified a new strain of ransomware, dubbed CACTUS, which exploits known vulnerabilities in VPN appliances to gain entry into targeted networks. This ransomware variant has primarily targeted large commercial enterprises since its emergence in March 2023. Upon…
In May 2023, Microsoft released its Patch Tuesday updates, addressing 38 security vulnerabilities, including two major zero-day flaws that are currently being exploited. The updates aim to fortify Windows systems against active threats that pose significant risks to users and businesses. Trend Micro’s Zero Day Initiative has highlighted that this…
Microsoft has recently released critical security updates aimed at addressing significant vulnerabilities in its Windows operating system and associated software. This rollout is part of the scheduled Patch Tuesday updates for June 2023. The update addresses a total of 73 vulnerabilities, categorized by severity as follows: six are marked as…
Progress Software has announced the identification and resolution of a critical SQL injection vulnerability within MOVEit Transfer, software widely utilized for secure file transfers. Alongside this, the company has addressed two additional high-severity vulnerabilities that also pose significant security risks. The SQL injection vulnerability, designated as CVE-2023-36934, could enable unauthenticated…
In its August 2023 Patch Tuesday updates, Microsoft has addressed a total of 74 vulnerabilities across its software suite, a significant decrease from the 132 vulnerabilities patched in the previous month. Among these, there are six classified as Critical, 67 as Important, and one as Moderate in severity. The latest…
Recent findings by security researchers have highlighted a concerning trend in cybercrime, where attackers use seemingly harmless cloud-based services to hide their malicious activities. Trend Micro has discovered a new malware variant that is particularly striking for its use of steganography—concealing malicious commands within memes posted on a Twitter account…
