Search results for: “ransomware”
-
CitrixBleed: Critical Flaw Leads to Session Hijacking and MFA Bypass
CitrixBleed is a critical information-disclosure vulnerability affecting Citrix NetScaler ADC and Gateway systems. Attackers exploit this flaw to steal session tokens, hijack user sessions, and bypass multi-factor authentication, leading to data breaches, system compromise, and digital espionage by APT groups and cybercriminals.
-
Active Directory Under Siege: Why Critical Infrastructure Remains a Prime Target
Active Directory, the foundational identity and access management service for over 90% of Fortune 1000 companies, remains a critical target for cyber adversaries, especially in essential sectors like critical infrastructure. This article discusses its vulnerabilities, common attack techniques like Golden Ticket and DCSync attacks, and the severe implications of breaches, as illustrated by the 2024…
-
GootLoader Returns with Novel WOFF2 Font Obfuscation and WordPress Exploits
GootLoader returns with novel WOFF2 font obfuscation and WordPress exploits, rapidly compromising networks. The malware uses custom WOFF2 fonts and exploits WordPress comment sections to deliver malicious payloads.
-
German City of Ludwigshafen Suffers Cyberattack, Systems Offline
The German city of Ludwigshafen has taken its ICT systems offline after a cyberattack, disrupting public services and highlighting the vulnerability of critical municipal infrastructure. The incident is under investigation, mirroring a global trend of cyberattacks on local government entities.
-
QNAP Issues Urgent Updates for Critical NAS Vulnerabilities Exposed at Pwn2Own
QNAP has issued a series of critical security updates following the discovery of eight severe vulnerabilities, enabling remote attackers to gain complete control over affected NAS systems.
-
Google’s AI System Identifies Critical WebKit Vulnerabilities, Underscoring Machine Learning’s Evolving Role in Cybersecurity
Google’s AI system has successfully identified critical vulnerabilities within Apple’s WebKit, demonstrating the growing effectiveness of machine learning in cybersecurity. This significant discovery highlights AI’s evolving role in proactively detecting complex security flaws that often evade traditional methods, promising a future where AI plays a central role in securing digital infrastructure.
-
Google’s AI Uncovers Critical Flaws in Apple’s WebKit, Highlighting Machine Learning’s Role in Cybersecurity
Google’s AI system, ‘Big Sleep,’ discovered five critical vulnerabilities in Apple’s WebKit, highlighting AI’s growing role in cybersecurity for proactive vulnerability detection and responsible disclosure practices between tech giants.
-
German Experts Deployed to Belgium Amid Rising Drone Incidents Near Sensitive Sites
Germany has dispatched military specialists to Belgium to assist in countering an uptick in unidentified drone sightings near critical installations, including a military air base known to house U.S. nuclear weapons. The move underscores growing concerns over hybrid threats within Europe and the readiness of NATO allies to respond.
-
Google’s AI “Big Sleep” Uncovers Five Critical WebKit Vulnerabilities in Apple Software
Google’s advanced artificial intelligence, dubbed “Big Sleep,” has reportedly identified five critical vulnerabilities within Apple’s widely used WebKit rendering engine, raising fresh questions about the evolving role of AI in cybersecurity and the relentless challenge of securing omnipresent software platforms.
-
Hidden “Logic Bombs” Found in Popular Software Packages, Threatening Future Industrial Sabotage and Data Corruption
Security researchers have uncovered a new wave of ‘logic bombs’ hidden within commonly used software, designed to disrupt critical industrial systems and corrupt databases, posing significant challenges for detection and forensic investigation.