Honda’s e-commerce platform for power equipment, marine, lawn & garden, was vulnerable to unauthorized access by anyone due to API flaws that allow password reset for any account. Honda is a Japanese manufacturer of automobiles,...
Category : Cybersecurity
Cisco has fixed a high-severity vulnerability found in Cisco Secure Client (formerly AnyConnect Secure Mobility Client) software that can let attackers escalate privileges to the SYSTEM account used by the operating system. Cisco Secure Client...
The notorious North Korean hacking group known as Lazarus has been linked to the recent Atomic Wallet hack, resulting in the theft of over $35 million in crypto. This attribution is from the blockchain experts...
Hackers used the popular Minecraft modding platforms Bukkit and CurseForge to distribute a new ‘Fractureiser’ information-stealing malware through uploaded modifications and by injecting malicious code into existing projects. According to multiple reports, the attack began when...
A new PowerShell malware script named ‘PowerDrop’ has been discovered to be used in attacks targeting the U.S. aerospace defense industry. PowerDrop was discovered by Adlumin, who last month found a sample of the malware...
KeePass has released version 2.54, fixing the CVE-2023-32784 vulnerability that allows the extraction of the cleartext master password from the application’s memory. When creating a new KeePass password manager database, users must create a master...
For years, “dark” markets have contained stolen credentials for sale. One of the larger and more notorious markets was the Genesis Market, which was invite-only. Over five years, the market offered data on over 1.5...
Zyxel has published a security advisory containing guidance on protecting firewall and VPN devices from ongoing attacks and detecting signs of exploitation. This warning comes in response to multiple reports of widespread exploitation of the...
It has been a fairly quiet week regarding ransomware, with only a few reports released and no new significant attacks. However, we may have a rebrand in the making, and a ransomware operation is likely...
Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was “potentially” accessed or stolen during what the company described in February as a “cyber incident.” The...