Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking
Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted…
Fraud ring pushes 600+ fake web shops via Facebook ads
A malicious fraud campaign dubbed "ERIAKOS" promotes more than 600 fake web shops through Facebook advertisements to steal visitors' personal…
The Not-so-True People-Search Network from China
It's not unusual for the data brokers behind people-search websites to use pseudonyms in their day-to-day lives (you would, too).…
Hackers target Apache RocketMQ servers vulnerable to RCE attacks
Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services…
The Persian Gulf’s March to the Cloud Presents Global Opportunities
Loosening attitudes about cloud security are expected to create a nearly $10 billion public cloud market in the Middle East…
Phishers Spoof USPS, 12 Other Natl’ Postal Services
Recent weeks have seen a sizable uptick in the number of phishing scams targeting U.S. Postal Service (USPS) customers. Here's…
Hackers use VPN provider’s code certificate to sign malware
The China-aligned APT (advanced persistent threat) group known as 'Bronze Starlight' was seen targeting the Southeast Asian gambling industry with…
Embedding Privacy-First Behaviors for Future Generations
By Michael Levit, Co-Founder and CEO of Tempest As all of our lives have moved online, the collection and sharing…
Millions of Artifacts, Misconfigured Enterprise Software Registries Are Ripe for Pwning
Researchers find 250 million artifacts and 65,000 container images exposed in registries and repositories scattered across the Internet.
IRS-authorized eFile.com tax return software caught serving JS malware
eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript…