Category: security
US military and defense contractors hit with Infostealer malware
US military agencies and defense contractors hit by infostealer malware The malware can exfiltrate victim’s data Researchers discovered thousands of infected devices Despite their multi-billion dollar budgets, US agencies have been infected by Infostealer malware, and have had credentials and information stolen from official devices. A report from Hudson Rock…
Read More
OpenSSH vulnerabilities could pose huge threat to businesses everywhere
Qualys uncovers two bugs in OpenSSH The flaws could be used in Machine-in-the-Middle and Denial-of-Service attacks Patches are available, as well as some mitigations OpenSSH carried two vulnerabilities that were enabling machine-in-the-middle (MitM) attacks and denial-of-service (DoS) attacks, experts have warned. Cybersecurity researchers from the Qualys Threat Research Unit (TRU),…
Read More
Microsoft spies a new and worrying macOS malware strain
Microsoft warns of new version of the XCSSET infostealer It comes with new obfuscation, infection, and persistence techniques Experts warn all users to be careful Microsoft says it has spotted a new strain of an old macOS malware variant, one which comes with better obfuscation techniques, more persistence, and new…
Read More
Profit over privacy? Google gives advertisers more personal info in major ‘fingerprinting’ U-turn
Google has reversed its policy on ‘fingerprinting’ ‘Fingerprinting’ is a technique used to collect personal user data Users have very little say over what information is given to advertisers Do you sometimes wish that online advertisers had access to more of your private information without your consent or knowledge? Well,…
Read More
DeepSeek blocked from app stores in South Korea
South Korea privacy watchdog has temporarily halted downloads of DeepSeek DeepSeek is working with authorities to get compliant Latest in a series of privacy concerns raised about AI chatbots South Korea’s Personal Information Protection Commission (PIPC) has temporarily halted new downloads of Chinese-owned AI chatbot DeepSeek. Reports from TechCrunch confirm…
Read More
Palo Alto Networks PAN-OS sees authentication bypass under attack from hackers
Palo Alto Networks fixes authentication bypass PAN-OS flaw A day after the patch was released, criminals started looking for vulnerable endpoints The flaw allows them to run different PHP scripts A vulnerability in Palo Alto Networks firewalls is being abused in in-the-wild attacks, researchers are saying. The company recently found,…
Read More