Tag: security
An ancient Linux flaw might be opening up users to dangerous cyberattacks
Many versions of Linux may be vulnerable to a flaw that allowed hackers to steal passwords, or change the contents of their clipboard. The vulnerability, however, comes with a major caveat that makes exploitations somewhat unlikely (or at least heavily limited). Cybersecurity researcher Skyler Ferrante recently discovered an “improper neutralization…
Read More
PyPI stops signing up new users to try and block malware campaign
Python Package Index (PyPI), the largest repository of Python packages, has once again been forced to suspend new account and new project registrations. Cybersecurity experts from both Checkmarx and Check Point observed a large-scale cyberattack in which threat actors tried to upload hundreds of malicious packages to the platform, in…
Read More
Cisco alerts users to password-spraying attacks targeting VPN services
Networking giant Cisco has warned its users of an ongoing attack against its business VPN services. In a security advisory, Cisco said it had been notified of an ongoing password-spraying attack against different third-party VPN concentrators. In this instance, it was Remote Access VPN (RAVPN) services configured on Cisco Secure…
Read More
Hot Topic confirms multiple new cyberattacks — customer details and payment info exposed online
Hot Topic customer may have been victims of a cyberattack when unknown actors tried to log into their accounts, the company has confirmed. In a breach notification letter sent to its customers, which was later picked up by BleepingComputer, the clothing store said that unidentified threat actors engaged in credential…
Read More
Microsoft launches tools to try and stop people messing with chatbots
Microsoft has launched a suite of new tools within Azure aimed at boosting the safety and security of generative AI applications, with a special focus on chatbots. The tools are hoped to help organizations mitigate various risks associated with the deployment of generative AI, including concerns about abusive content and…
Read More
This new phishing attack targets iPhone and Android alike via RCS
A new phishing service has been detected sporting a unique way of approaching iOS and Android users. The Phishing-as-a-Service (PhaaS) tool, called “Darcula” and uncovered by researchers at Netcraft, stands out from the crowd as it reaches out to its victims via the Rich Communication Services (RCS) protocol for Google…
Read More