Technology

Almost 10 days after application security company F5 Networks released patches for critical vulnerabilities in its BIG-IP and BIG-IQ products, adversaries have begun opportunistically mass scanning and targeting exposed and unpatched networking devices to break into enterprise networks. News of in the wild exploitation development comes on the heels of a proof-of-concept exploit code that

Cybersecurity researchers on Thursday disclosed a new attack wherein threat actors are leveraging Xcode as an attack vector to compromise Apple platform developers with a backdoor, adding to a growing trend that involves targeting developers and researchers with malicious attacks. Dubbed “XcodeSpy,” the trojanized Xcode project is a tainted version of a legitimate, open-source project

The U.S. Department of Justice yesterday announced updates on two separate cases involving cyberattacks—a Swiss hacktivist and a Russian hacker who planned to plant malware in the Tesla company. A Swiss hacker who was involved in the intrusion of cloud-based surveillance firm Verkada and exposed camera footage from its customers was charged by the U.S.

A newly discovered glitch in Zoom’s screen sharing feature can accidentally leak sensitive information to other attendees in a call, according to the latest findings. Tracked as CVE-2021-28133, the unpatched security vulnerability makes it possible to reveal contents of applications that are not shared, but only briefly, thereby making it harder to exploit it in the

A pair of critical vulnerabilities in a popular bulletin board software called MyBB could have been chained together to achieve remote code execution (RCE) without the need for prior access to a privileged account. The flaws, which were discovered by independent security researchers Simon Scannell and Carl Smith, were reported to the MyBB Team on

When a user account becomes locked out, the cause is often attributed to a user who has simply entered an old or incorrect password too many times. However, this is far from being the only thing that can cause an account to become locked. Another common cause, for example, is an application or script that

Are you looking to becoming a malware analyst? Then continue reading to discover how to gain the training you need and start a career in malware analysis career.Did you know that new malware is released every seven seconds? As more and more systems become reliant on the internet, the proliferation of malware becomes increasingly destructive.

Privacy-focused search engine DuckDuckGo called out rival Google for “spying” on users after the search giant updated its flagship app to spell out the exact kinds of information it collects for personalization and marketing purposes. “After months of stalling, Google finally revealed how much personal data they collect in Chrome and the Google app. No

Researchers have disclosed vulnerabilities in multiple WordPress plugins that, if successfully exploited, could allow an attacker to run arbitrary code and take over a website in certain scenarios. The flaws were uncovered in Elementor, a website builder plugin used on more than seven million sites, and WP Super Cache, a tool used to serve cached pages of

Email security firm Mimecast on Tuesday revealed that the state-sponsored SolarWinds hackers who broke into its internal network also downloaded source code out of a limited number of repositories. “The threat actor did access a subset of email addresses and other contact information and hashed and salted credentials,” the company said in a write-up detailing its investigation,