Multiple vulnerabilities in the popular airline and hotel rewards platform points.com could have allowed attackers to access users’ personal information, security researchers warn.
Upon analyzing the attack code, Phylum uncovered that it utilized a combination of post-install hooks and pre-install scripts to trigger the execution of malicious code once the packages were installed.
Government organizations and public services are increasingly targeted by cyberattacks from both nation-states and cybercriminals, necessitating the need for stronger cybersecurity measures.
“Since originally reporting CVE-2023-35082… Ivanti has continued its investigation and has found that this vulnerability impacts all versions of Ivanti Endpoint Manager Mobile 11.10, 11.9, and 11.8 and MobileIron Core 11.7 and below,” Ivanti said.
Vulnerable Redis services have been targeted by a “new, improved, dangerous” variant of a malware called SkidMap that’s engineered to target a wide range of Linux distributions.
A new Zscaler report stresses the need for organizations to reevaluate their security posture and migrate to a zero-trust architecture due to the increasing threat of cybercriminals exploiting VPN vulnerabilities.
Reptile, an open-source kernel module rootkit, designed to target Linux systems was found on GitHub. Unlike typical rootkit malware, Reptile not only conceals its presence but also offers a reverse shell, granting threat actors control over compromised systems. It is crucial to regularly inspect systems for vulnerable configurations and ensure all relevant software is up […]
Banks, telecoms providers, media, and tourism companies are thought to have been affected by the attacks, which followed a trip by Prime Minister Pedro Sanchez to Kyiv in which he expressed his government’s support for Ukraine.
Multi-modal monitoring through AI enables the identification of both data and conversation types, enhancing the ability to detect and prevent data leakage or any unauthorized activities.
The Colorado Department of Higher Education (CDHE) discloses a massive data breach impacting students, past students, and teachers after suffering a ransomware attack in June.