Aggregator

Imagine you’re part of a cybersecurity team that just received an alert about a potenti

To stay ahead of cyber threats, organizations need a dynamic and unified approach to managing their

In a world where cybersecurity threats don’t keep to office hours, having a mobile app

With the Ethereum blockchain as the CPU of the world computer, Swarm is best thought of as its "har

© 2024 Packet Storm. All rights reserved.

Get highlights of our research into the security of GitHub Actions, and our advice on mitigating th

© 2024 Packet Storm. All rights reserved.

A vulnerability was found in sendcard 3.4.1 and classified as problematic. This issue affects some unknown processing of the file sendcard.php. The manipulation leads to path traversal. The identification of this vulnerability is CVE-2007-2471. The attack may be initiated remotely. Furthermore, there is an exploit available.

Users are exploiting a privacy flaw in WhatsApp to bypass the app’s “View once” feature, allowing them to re-view messages. The ‘View Once‘ feature in WhatsApp allows users to send photos, videos, and voice messages that can only be viewed once by the recipient. Recipients cannot forward, share, or copy the “View Once” media, and […]

A vulnerability, which was classified as critical, has been found in Celluloid 1.3. This issue affects some unknown processing of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. The identification of this vulnerability is CVE-2014-6016. The attack needs to be done within the local network. There is no exploit available.

Ransomware Gang Daixin Claims It Published Sensitive Patient Info on Dark Web Site
A Louisiana-based ambulance company that provides emergency medical care services in four states is notifying nearly 3 million people that their sensitive health information was potentially stolen in a June hack. Ransomware gang Daixin claims to have published the data on its dark web leak site.

Victims Reported $5.6 Billion in Financial Losses Associated With Crypto Schemes
The FBI's Internet Crime Complaint Center on Monday issued a report revealing victims filed more than 69,000 public complaints related to cryptocurrency fraud and $5.6 billion in financial losses in 2023, while investment scams made up the bulk of losses throughout the year.

Threat Actor Is Likely a Beijing Cyberespionage Operator
A Chinese-speaking hacking group is targeting drone manufacturers in Taiwan and other military-related industries on the island country located roughly 100 miles from mainland China. Trend Micro on Friday said it tracks the threat actor as "Tidrone."

COO Jill Popelka Promoted to Chief Executive as Thoma Bravo Acquisition Nears Close
Darktrace has promoted COO Jill Popelka to CEO, replacing long-time leader Poppy Gustafsson. As the cybersecurity AI vendor prepares to finalize its sale to Thoma Bravo, Popelka will steer Darktrace into its next phase of growth. Gustafsson will join the board as a non-executive director.

A vulnerability has been found in Apple macOS up to 10.13.1 and classified as very critical. This vulnerability affects unknown code of the component tcpdump. The manipulation leads to memory corruption. This vulnerability was named CVE-2017-13055. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks. [...]

The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers. [...]

A vulnerability classified as critical was found in TuCarro 2.0.5. This vulnerability affects unknown code of the component X.509 Certificate Handler. The manipulation leads to cryptographic issues. This vulnerability was named CVE-2014-6015. The attack can only be initiated within the local network. There is no exploit available.