In December 2022, the tool’s maintainers announced patches for CVE-2022-46169, a critical-severity command injection flaw that could allow unauthenticated attackers to execute code on the server running Cacti, if a specific data source was used.
Tainted VPN installers are being used to deliver a piece of surveillanceware dubbed EyeSpy as part of a malware campaign. A majority of the infections are said to originate in Iran, with smaller detections in Germany and the U.S.
In a new post by MetaMask, the developers warn of a new scam called ‘Address Poisoning’ that relies on poisoning the wallet’s transaction history with scammer’s addresses that are very similar to addresses that a user recently had transactions.
Positions in outer space cybersecurity, AI mentoring, and digital footprint consulting may sound unusual at first glance, but the rapid development of technology could make them a reality in just a few years.
New York Governor Kathy Hochul is adding an additional $35 million in funding to the state’s $61.9 million cybersecurity budget for this year, while also creating a new team focusing on protecting critical infrastructure.
The malware was discovered by Daniel Milisic, who created a script and instructions to help users nullify the payload and stop its communication with the command and control (C2) server.
Lengthy privacy notices included in a social media platform’s terms of service can do little to help it comply with transparency requirements under European law, according to recently revealed case documents in which Meta was fined $414 million.
Remote access trojans such as StrRAT and Ratty are being distributed as a combination of polyglot and malicious Java archive (JAR) files, once again highlighting how threat actors are continuously finding new ways to fly under the radar.
Apple “unlawfully records and uses consumers’ personal information and activity,” claims a new lawsuit accusing the company of tracking iPhone users’ device data even when they’ve asked for tracking to be switched off.
Cisco Talos recently discovered three vulnerabilities in Asus router software. The Asus RT-AX82U router is one of the newer Wi-Fi 6 (802.11ax)-enabled routers that also support mesh networking with other Asus routers.