Russian Script Kiddie Assembles Massive DDoS Botnet
Over the past year, "Matrix" has used publicly available malware tools and exploit scripts to target weakly secured IoT devices…
New NachoVPN attack uses rogue VPN servers to install malicious updates
A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall…
Phishing Prevention Framework Reduces Incidents by Half
The anti-fraud plan calls for companies to create a pipeline for compiling attack information, along with formal processes to disseminate…
Hubris meets Nemesis: How an overzealous Jack Smith elected Donald Trump
In their frantic search to blame someone, anyone, for the election of the alleged proto-fascist Donald Trump, the Democratic Party…
Cross-Site Scripting Is 2024’s Most Dangerous Software Weakness
MITRE and CISA's 2024 list of the 25 most dangerous software weaknesses exposes the need for organizations to continue to…
Over 2,000 Palo Alto firewalls hacked using recently patched bugs
Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities. [...]
MITRE shares 2024’s top 25 most dangerous software weaknesses
MITRE has shared this year's top 25 list of the most common and dangerous software weaknesses behind more than 31,000…
Ubuntu Linux impacted by decade-old ‘needrestart’ flaw that gives root
Five local privilege escalation (LPE) vulnerabilities have been discovered in the needrestart utility used by Ubuntu Linux, which was introduced…
Fintech Giant Finastra Investigating Data Breach
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity…
Palo Alto Networks patches two firewall zero-days used in attacks
Palo Alto Networks has finally released security updates for an actively exploited zero-day vulnerability in its Next-Generation Firewalls (NGFW). [...]