Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches
By:
Jul 28, 2023THNSoftware Security / Data Safety
Cybersecurity agencies in Australia and the U.S. have published a joint cybersecurity advisory warning against security flaws in web applications that could...
BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities
By:
Jul 28, 2023THNCyber Espionage / Malware
The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new...
A Data Exfiltration Attack Scenario: The Porsche Experience
By:
As part of Checkmarx's mission to help organizations develop and deploy secure software, the Security Research team started looking at the security posture of major car manufacturers. Porsche...
STARK#MULE Targets Koreans with U.S. Military-themed Document Lures
By:
Jul 28, 2023THNCyber Attack / Malware
An ongoing cyber attack campaign has set its sights on Korean-speaking individuals by employing U.S. Military-themed document lures to trick them into running...
New SEC Rules Require U.S. Companies to Reveal Cyber Attacks Within 4 Days
By:
Jul 27, 2023THNData Breach / Cyber Attack
The U.S. Securities and Exchange Commission (SEC) on Wednesday approved new rules that require publicly traded companies to publicize details of a...
North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder
By:
North Korean nation-state actors affiliated with the Reconnaissance General Bureau (RGB) have been attributed to the JumpCloud hack following an operational security (OPSEC) blunder that exposed their actual...
How to Protect Patients and Their Privacy in Your SaaS Apps
By:
The healthcare industry is under a constant barrage of cyberattacks. It has traditionally been one of the most frequently targeted industries, and things haven't changed in 2023. The...
Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz Reports
By:
Jul 21, 2023THNEmail Security / Cyber Attack
The recent attack against Microsoft's email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader...
Turla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector
By:
Jul 20, 2023THNCyber Attack / Malware
The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based backdoor called DeliveryCheck (aka CAPIBAR or GAMEDAY) that's...
Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges
By:
Jul 18, 2023THNCybercrime / Data Breach
Conor Brian Fitzpatrick, the owner of the now-defunct BreachForums website, has pleaded guilty to charges related to his operation of the cybercrime forum...