FortiGuard Labs found that the IZ1H9 Mirai-based DDoS botnet campaign has strengthened its arsenal with 13 exploits for D-Link devices, Netis wireless routers, TOTOLINK routers, Zyxel devices, and others. As the botnet expands its arsenal with new exploit triggers, it underscores the importance of applying security patches on time.
The “Five Families” of hacktivist gangs, including ThreatSec, GhostSec, Stormous, Blackforums, and SiegedSec, are collaborating to launch large-scale cyberattacks, causing disruptions and chaos.
The letter from the lawmakers follows a recent fine of 345 million euros (~$366 million) imposed on TikTok by the Irish Data Protection Commissioner for failing to adequately protect children’s privacy.
A recent survey conducted by Enea reveals that 76% of cybersecurity professionals believe that malicious AI, capable of bypassing most cybersecurity measures, is a looming threat.
Google has released Chrome 118 with fixes for 20 vulnerabilities, including a critical bug in Site Isolation that could allow for sandbox escape and arbitrary code execution.
Symantec found a previously unidentified threat actor named Grayling conducting advanced persistent attacks targeting organizations in Taiwan, the Pacific Islands, Vietnam, and the U.S., with a focus on intelligence gathering. Grayling’s modus operandi seems to revolve around exploiting public infrastructures for initial access. This demands a keen eye on network anomalies and a rigorous patch management […]
The lawsuit alleged that Crunchyroll had disclosed subscribers’ personal information to third parties without proper consent. Initially denying the allegations, Crunchyroll ultimately chose to settle to avoid expenses and uncertainties.
The vulnerability, CVE-2023-22515, allows remote attackers to create unauthorized administrator accounts and gain access to Confluence servers. Organizations using Confluence applications should upgrade to the latest versions and isolate them.
Automation and AI are being used by cybercriminals to enhance the speed and effectiveness of attacks, particularly in areas like money laundering and credential stuffing.
The victims include Hughes Gill Cochrane Tinetti, Saltire Energy, Centek Industries, NachtExpress Austria, WCM Europe, Starr Finley, and an unknown firm. These attacks are part of a wider scheme by the threat actor, targeting major firms globally.