information security news

U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalogU.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity…

2 months ago
Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugsMicrosoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs

Microsoft Patch Tuesday security updates for February 2025 ficed 2 actively exploited bugs

Microsoft Patch Tuesday security updates for February 2025 addressed four zero-day flaws, two of which are actively exploited in the…

2 months ago
Attackers exploit a new zero-day to hijack Fortinet firewallsAttackers exploit a new zero-day to hijack Fortinet firewalls

Attackers exploit a new zero-day to hijack Fortinet firewalls

Fortinet warned of attacks using a now-patched zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls. Fortinet warned that…

2 months ago
OpenSSL patched high-severity flaw CVE-2024-12797OpenSSL patched high-severity flaw CVE-2024-12797

OpenSSL patched high-severity flaw CVE-2024-12797

OpenSSL patched the vulnerability CVE-2024-12797, a high-severity flaw found by Apple that enables man-in-the-middle attacks. The OpenSSL Project addressed a…

2 months ago
Artificial intelligence (AI) as an Enabler for Enhanced Data SecurityArtificial intelligence (AI) as an Enabler for Enhanced Data Security

Artificial intelligence (AI) as an Enabler for Enhanced Data Security

Artificial intelligence enhances data security by identifying risks and protecting sensitive cloud data, helping organizations stay ahead of evolving threats.…

2 months ago
Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-storesCrooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

Crooks use Google Tag Manager skimmer to steal credit card data from a Magento-based e-stores

Sucuri researchers observed threat actors leveraging Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores. Sucuri researchers found…

2 months ago
Operation Phobos Aetor: Police dismantled 8Base ransomware gangOperation Phobos Aetor: Police dismantled 8Base ransomware gang

Operation Phobos Aetor: Police dismantled 8Base ransomware gang

Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites. An international law enforcement…

2 months ago
Apple fixes iPhone and iPad bug exploited in ‘extremely sophisticated attacks’Apple fixes iPhone and iPad bug exploited in ‘extremely sophisticated attacks’

Apple fixes iPhone and iPad bug exploited in ‘extremely sophisticated attacks’

Apple released iOS and iPadOS updates to address a zero-day likely exploited in extremely sophisticated attacks targeting specific individuals. Apple…

2 months ago
HPE is notifying individuals affected by a December 2023 attackHPE is notifying individuals affected by a December 2023 attack

HPE is notifying individuals affected by a December 2023 attack

Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors.…

2 months ago
XE Group shifts from credit card skimming to exploiting zero-days<gwmw style="display:none;"></gwmw>XE Group shifts from credit card skimming to exploiting zero-days<gwmw style="display:none;"></gwmw>

XE Group shifts from credit card skimming to exploiting zero-days<gwmw style="display:none;"></gwmw>

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. A recent…

2 months ago