International

F5 releases security advisory for multiple vulnerabilities including K000132893: GRUB2 vulnerability CVE-2022-28733. This flaw allows an attacker to craft a malicious packet, triggering an integer underflow in grub code. Consequently, the memory allocation for handling the packet data may be smaller than the size needed. This issue causes an out-of-bands …

Around 11 million SSH servers are at risk from the Terrapin attack, which can compromise the security of certain SSH connections. This constitutes roughly 52% of all scanned samples in the IPv4 and IPv6 space monitored by Shadoserver. The Terrapin attack, created by researchers from Ruhr University Bochum in Germany, …

The European Central Bank (ECB) will test over 100 European banks on their ability to respond to and recover from cyber-attacks. The European Union’s central bank will perform its first cyber resilience stress test on 109 banks under its supervision in 2024. The test will evaluate the banks’ capacity to …

Cybercriminals have increased the sale of new or stolen Gold checkmarked accounts from the X/Twitter platform. These accounts are being used by threat actors to share links to malware on the social media site, making it appear as a post from a trusted source. Researchers at CloudSEK in Singapore have …

The research uncovered that 29 malware families targeted 1,800 banking applications across 61 countries last year. In comparison, the 2022 report uncovered 10 prolific malware families targeting 600 banking apps. Traditional banking apps are the main target, with 1,103 compromised apps, accounting for 61% of the total. FinTech and Trading …

A PoC code has been released for the a serious vulnerability, CVE-2023-41974, on iOS and macOS. This vulnerability can be used to gain full control of a mobile device by exploiting a critical issue in the kernel, giving an application access to run any code with kernel privileges. This discovery …

Security researchers have released new tools to help Black Basta ransomware victims recover their files. SR Labs, based in Berlin, recently shared on GitHub that the tools take advantage of a flaw in the encryption algorithm. Basta uses ChaCha to encrypt victim files by XORing with a keystream in 64-byte …

Hudson Researchers reported that on December 20th, ‘irleaks’ claimed to have 160 million records from 23 top insurance companies in Iran for sale. The hacker says they have stolen data like names, birth dates, phone numbers, national codes, and more. They have shared a sample of the data and want …

Hacktivist group, Anonymous Collective claim to cyber attack the E Visa service of the Bahrain government. The cyberattack on Bahrain government has raised concerns about the cyber security arena of sensitive data protection. The hacktivist group shared a screen shot of attack of the E Visa services on their social …

On Christmas Eve, Resecurity protecting Fortune 100 and government agencies worldwide, noticed that multiple actors on the Dark Web were leaking a large amount of data. More than 50 million records containing personal information about consumers from different countries were leaked. The damage caused by this could potentially be worth …