Thursday , April 3 2025

infosecbulletin

Credentials of NASA, Tesla, Verizon, and 2K others leaked by workplace safety organization

The National Safety Council has leaked nearly 10,000 emails and passwords of their members, exposing 2000 companies, including governmental organizations and big corporations. The National Safety Council (NSC) is a non-profit organization in the United States providing workplace and driving safety training. On its digital platform, NSC provides online resources …

Read More »

Mobile Neuron to scan for OWASP Mobile Top 10 vulnerabilities, iOS/Android weaknesses

ImmuniWeb has released Neuron Mobile, a security testing solution for mobile applications. It scans iOS and Android apps for OWASP Mobile Top 10 vulnerabilities and weaknesses. According to ImmuniWeb, Neuron Mobile is a fully automated solution that includes dynamic and static application security testing (DAST/SAST), along with software composition analysis …

Read More »

1,000 Organizations, 60 Million Individuals Impacted by MOVEit Hack

Reportedly, the Russian-speaking Cl0p ransomware group has executed the MOVEit campaign, affecting approximately 1,000 organizations and 60 million individuals. It is important to highlight that these numbers encompass both entities that are directly and indirectly affected. For example, numerous organizations and millions of individuals had their information compromised through PBI, …

Read More »

How do you defend against a malware loader?

Several steps can help minimize the threat from malware loaders. Here’s what ReliaQuest suggests: To enhance your workflow and streamline your scripting tasks, I recommend optimizing the default execution engine for JS files from Wscript to the versatile Notepad. Additionally, you have the flexibility to extend this configuration to accommodate …

Read More »

Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches

The FBI has issued a warning stating that even after being patched against a critical flaw, Barracuda Networks Email Security Gateway (ESG) appliances are still vulnerable to potential compromise by suspected Chinese hacking groups. It said that the fixes were not effective and that it still sees intrusions and considers …

Read More »