Uncategorized

Fortinet has issued security updates for several products, including FortiOS, to fix vulnerabilities that could allow cyber attackers to take control of affected systems. CISA encourages users and administrators to review the following advisories and apply necessary updates. FG-IR-23-396 ReadOnly Users Could Run Some Sensitive Operations: A client-side enforcement of …

The Socket Research Team has discovered a malicious package named “fabrice,” pretending to be the legitimate fabric SSH automation library. Since its introduction on PyPI in 2021, fabrice has been stealing AWS credentials from users who mistakenly installed it. With over 37,000 downloads, this incident underscores ongoing risks of malware …

GitHub has launched an AI tool called ‘Spark’ that allows users to create apps using natural language, eliminating the need for coding. This tool was introduced at the GitHub Universe Conference in San Francisco. This tool, created by GitHub Next Labs, can quickly generate a web app from English prompts. …

Zimperium researchers have found a new version of FakeCall malware for Android that threatens financial security. This malware redirects users’ calls to their banks to the attacker’s phone number, aiming to steal sensitive information and funds. FakeCall is a banking trojan used for voice phishing, misleading victims into giving sensitive …

Global threat actors have significantly increased attacks on government sectors, with malware-driven attempts rising by triple digits in the first quarter of the year, according to SonicWall. The security vendor’s analysis shows a 236% increase in blocked attacks in Q1 2024 compared to last year, along with a 27% rise …

Bangladesh Bank issues alert on cyber threat. In its alert the central bank said, according to Bangladesh cyber security intelligence (BCSI)’s observation, some banks customers are victim to unauthorized transaction through Facebook ad manager. In this situation, Bangladesh Bank notifies the banks to take precautionary action to secure the account …

The Indian Cyber Crime Coordination Centre (I4C) has warned about illegal payment gateways set up by transnational cyber criminals using mule bank accounts for money laundering. The Ministry of Home Affairs (MHA) reported that recent nationwide raids by the Gujarat and Andhra Pradesh Police uncovered illegal digital payment gateways created …

White hat hackers at the Pwn2Own Ireland 2024 contest by Trend Micro’s Zero Day Initiative earned $500,000 on the first day by exploiting NAS devices, cameras, printers, and smart speakers. Sina Kheirkhah from Summoning Team earned the top reward of $100,000 by exploiting nine vulnerabilities in an attack from a …

In today’s rapidly changing cybersecurity environment, organizations encounter numerous complex threats targeting endpoints and networks. CrowdStrike and Fortinet have partnered to provide top-notch protection from endpoints to firewalls. This partnership combines the strengths of CrowdStrike in endpoint security and Fortinet in network security, offering customers the flexibility, visibility, and protection …

Sophos, based in the UK, is to acquire Secureworks, a Nasdaq-listed company, for $859 million in cash from Dell Technologies. This merger combines two major channel-focused cybersecurity firms. Sophos plans to combine solutions from both companies to create a stronger security portfolio for small, mid-sized, and enterprise customers. Dell owns …