Among organizations that have suffered data breaches 58% were caused by issues related to digital certificates, according to a report by AppViewX and Forrester Consulting.
Far fewer board members of UK companies are worried about cyber risk than their global peers, according to the second annual Cybersecurity: The 2023 Board Perspective Report from Proofpoint.
Curaçao-headquartered Stake.com offers casino and sports betting for players using cryptocurrency. However, the firm flagged on Monday that it had spotted unauthorized transactions being made from its ETH and BSC hot wallets.
The attackers have implemented multiple layers of defense to protect their Google AdSense accounts, including JavaScript execution, mobile user agent checks, user interaction requirements, and server-side user agent checks.
A new cyber campaign has emerged, with threat actors uploading malicious packages to PyPI, NPM, and RubyGems repositories, posing a significant threat to macOS user data. The malicious packages would collect system information and exfiltrate it to attacker-controlled servers. Security firm Phylum identified a connection between these packages, suggesting a coordinated campaign against software developers.
The authenticated local file inclusion flaw, identified as CVE-2023-2453, allows for remote code execution if an attacker can upload a maliciously crafted “.php” file to a known path on a target system.
A new variant of the Agent Tesla malware is spreading through a phishing campaign, exploiting the CVE-2017-11882/CVE-2018-0802 vulnerability to gain access to victims’ devices and steal sensitive information.
ASUS routers RT-AX55, RT-AX56U_V2, and RT-AC86U are affected by three critical remote code execution vulnerabilities (CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240) that can potentially allow threat actors to take over the devices.
The first messages were posted on August 27, with GhostSec saying it had discovered facial recognition “and various other privacy invading features and tools” within the FANAP group’s software.
In a proof of concept exploit shared on Reddit, a researcher describes how the Linux client of Atlas VPN, specifically the latest version, 1.0.3, has an API endpoint that listens on localhost (127.0.0.1) over port 8076.