CVE-2021-22893: Zero-Day Vulnerability in Pulse Connect Secure Exploited in the Wild

CVE-2021-22893: Zero-Day Vulnerability in Pulse Connect Secure Exploited in the Wild

Threat actors are leveraging a zero-day vulnerability in Pulse Connect Secure, for which there is no immediate patch scheduled for release. Background On April 20, Pulse Secure, which was acquired by Ivanti last year, published an out-of-cycle security advisory (SA44784) regarding a zero-day vulnerability in the Pulse Connect Secure SSL VPN appliance. In addition to the advisory, Pulse Secure also published a blog post detailing observed exploit behavior related to the zero-day as well others linked…

Read More

Dating Service Suffers Data Breach

Dating Service Suffers Data Breach

Men’s social networking website and online dating application Manhunt has suffered a data breach.  According to a security notice filed with the office of the Washington attorney general on April 1, the 20-year-old site was compromised in a cyber-attack that took place in February 2021. An unauthorized third party downloaded personal information belonging to some Manhunt users after gaining access to the company’s account credential database. The compromised database contained customers’ usernames, email addresses, and passwords. After discovering that…

Read More

IT Security in Organizations After the Pandemic: What’s Next?

IT Security in Organizations After the Pandemic: What’s Next?

By Alan Kakareka, InfoSec consultant to businesses, Demyo inc. The year 2020 has so far represented, the biggest change in the way we live and interact with our environment. After OSM declared a global pandemic state because of the emergence of covid-19, it is accurate to say that within all the chaos, we had to adapt ourselves to a series of changes, not only to survive the virus but to cope with those in our…

Read More

Baseball and cybersecurity have more in common than you think

Baseball and cybersecurity have more in common than you think

A former pro baseball player and coach turned sports psychologist believes there is much cybersecurity pros can learn from sports mental conditioning. He wants to help them hit more home runs. Illustration: Getty Images/Lisa Hornung One of the hardest things to accomplish in sports is to hit a baseball. If a professional baseball player gets a hit 30% of the times they step up to the plate, they’re likely headed for the Baseball Hall of…

Read More

XCSSET malware now targets macOS 11 and M1-based Macs

XCSSET malware now targets macOS 11 and M1-based Macs

XCSSET, a Mac malware targeting Xcode developers, was now re-engineered and employed in a campaign aimed at Apple’s new M1 chips. Experts from Trend Micro have uncovered a Mac malware campaign targeting Xcode developers that employed a re-engineered version of the XCSSET malware to support Apple’s new M1 chips. The new variant also implements new features for data-stealing focused on cryptocurrency apps. XCSSET is a Mac malware that was discovered by Trend Micro in August 2020,…

Read More

How to Become Unattractive for Cybercriminals

How to Become Unattractive for Cybercriminals

Map, monitor and manage your attack surface to stay a step ahead By Stijn Vande Casteele, Founder and CEO, Sweepatic All organizations rely heavily on web presence to display their brand and/or products, reach their audience and streamline their processes. They deploy assets connected to the internet to achieve these goals. The benefits of the cloud, marketing websites and online services are obvious, but there are risks associated with any online presence. So, it becomes…

Read More

Anomali Cyber Watch: Criminals Target Would Be Hackers for Cryptocurrency Theft, A Zero Day Vulnerability in Windows Desktop Manager is in the Wild, US Blames Russia for SolarWinds, and More

Anomali Cyber Watch: Criminals Target Would Be Hackers for Cryptocurrency Theft, A Zero Day Vulnerability in Windows Desktop Manager is in the Wild, US Blames Russia for SolarWinds, and More

The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Android Malware, Dependency Confusion, Ransomware, Russia, SaintBot and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 – IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber…

Read More

LinuxKit as a Commodity for Building Linux Distributions – Docker Blog

LinuxKit as a Commodity for Building Linux Distributions – Docker Blog

Guest post by Docker Captain Gianluca Arbezzano Recently Corey Quinn from LastWeekInAWS wrote an article that made me think “Nobody Cares About the Operating System Anymore”. Please have a look at it! I like the idea that nobody cares about where their application runs. Developers only want them running. A bit of context about Tinkerbell I am one of the maintainers for the Tinkerbell project. A bare metal workflows engine that heavily relies on containers…

Read More

Top 5 ways to protect against cryptocurrency scams

Top 5 ways to protect against cryptocurrency scams

As the use of cryptocurrency increases, so does the risk of being a target for scammers. Tom Merritt offers five tips for defending against cryptocurrency scams. Cryptocurrency is hot. You can buy a car with it… Heck, you can buy a tweet with it. When anything is hot, it becomes a target for scammers. So, it’s time to defend yourself. Here are five ways to protect yourself against cryptocurrency scams. SEE: Cryptocurrency: An insider’s guide…

Read More
1 2,395 2,396 2,397 2,398 2,399 2,657