F5 releases security advisory for multiple vulnerabilities including K000132893: GRUB2 vulnerability CVE-2022-28733. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bands …

Google’s cybersecurity firm Mandiant get back its x (twitter) account after being taken over by someone sharing links to a cryptocurrency platform. On Wednesday afternoon around 3:30 pm EST, the scammar took the control over mandiant’s x account, renamed it as phantom and tweeted out links to a company called …

The European Central Bank will test 109 banks in Europe for their resilience against cyberattacks using simulated disruptive cyberattacks. Snappfood, an Iranian online food delivery service, reported to suffer a major data breach. The hacker group “irleaks” revealed the breach and said they took 3TB of personal data from millions …

Around 11 million SSH servers are at risk from the Terrapin attack, which can compromise the security of certain SSH connections. This constitutes roughly 52% of all scanned samples in the IPv4 and IPv6 space monitored by Shadoserver. The Terrapin attack, created by researchers from Ruhr University Bochum in Germany, …

CISA added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog for January 2024 due to evidence of ongoing exploitation. They are the Google Chromium WebRTC Heap Buffer Overflow Vulnerability (CVE-2023-7024) and the Spreadsheet::ParseExcel Remote Code Execution Vulnerability (CVE-2023-7101). In December 2023, Google released an update to fix a vulnerability …

The European Central Bank (ECB) will test over 100 European banks on their ability to respond to and recover from cyber-attacks. The European Union’s central bank will perform its first cyber resilience stress test on 109 banks under its supervision in 2024. The test will evaluate the banks’ capacity to …

Cybercriminals have increased the sale of new or stolen Gold checkmarked accounts from the X/Twitter platform. These accounts are being used by threat actors to share links to malware on the social media site, making it appear as a post from a trusted source. Researchers at CloudSEK in Singapore have …

The research uncovered that 29 malware families targeted 1,800 banking applications across 61 countries last year. In comparison, the 2022 report uncovered 10 prolific malware families targeting 600 banking apps. Traditional banking apps are the main target, with 1,103 compromised apps, accounting for 61% of the total. FinTech and Trading …

A PoC code has been released for the a serious vulnerability, CVE-2023-41974, on iOS and macOS. This vulnerability can be used to gain full control of a mobile device by exploiting a critical issue in the kernel, giving an application access to run any code with kernel privileges. This discovery …

Security researchers have released new tools to help Black Basta ransomware victims recover their files. SR Labs, based in Berlin, recently shared on GitHub that the tools take advantage of a flaw in the encryption algorithm. Basta uses ChaCha to encrypt victim files by XORing with a keystream in 64-byte …