Russian APT Phishes Kazakh Gov’t for Strategic Intel
A highly targeted cyber-intelligence campaign adds fuel to the increasingly complex relationship between the two former Soviet states.
Trusted Apps Sneak a Bug Into the UEFI Boot Process
Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process.
SAP fixes critical vulnerabilities in NetWeaver application servers
SAP has fixed two critical vulnerabilities affecting NetWeaver web application server that could be exploited to escalate privileges and access…
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall's SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN…
BIOS flaws expose iSeq DNA sequencers to bootkit attacks
BIOS/UEFI vulnerabilities in the iSeq 100 DNA sequencer from U.S. biotechnology company Illumina could let attackers disable devices used for…
New HIPAA Cybersecurity Rules Pull No Punches
Healthcare organizations of all shapes and sizes will be held to a stricter standard of cybersecurity starting in 2025 with…
Fight Fire with Fire: 3 Strategies to Defeat Deepfakes
Generative AI deepfakes represent another skirmish in the ongoing clash between two forces that never stop innovating I was there…
Malicious ads push Lumma infostealer via fake CAPTCHA pages
A large-scale malvertising campaign distributed the Lumma Stealer info-stealing malware through fake CAPTCHA verification pages that prompt users to run…
Call of Duty goes nonbinary: Virtue-signaling or military psyop?
Call of Duty, one of the most popular video games of all time, recently introduced its first "nonbinary" character.Many will…
Ivanti warns of maximum severity CSA auth bypass vulnerability
Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. [...]