Hot Topics

Vulnerabilities

Security Vulnerability in Saflok’s RFID-Based Keycard Locks

| | Cybersecurity, Hacking, hotels, Internet of things, locks, Uncategorized, Vulnerabilities
It’s pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security ...
Schneier on Security
Get a demo

How Malware Facilitates Online Financial Fraud and Threatens Corporate Security

| | Fraud, Malware, Vulnerabilities
Malware stands as a formidable tool in the arsenal of cybercriminals, facilitating online financial fraud with alarming efficiency and sophistication. This malicious software, designed to damage or disable computers, now targets the ...
BlackCloak | Protect Your Digital Life™

ChatGPT Plugin Security Vulnerabilities Exploited By Hackers

| | AI Assistants, ChatGPT, Cyber Threats, Cybersecurity, Cybersecurity News, Data breaches, digital security, Encryption Protocols, Hackers, OAuth Workflow, Penetration Testing, Plugin Security, security measures, side-channel attacks, Vulnerabilities, Zero-click Attacks
In the realm of cybersecurity, constant vigilance is paramount as threat actors perpetually seek novel ways to exploit vulnerabilities. Recent research has shed light on a concerning trend: the potential misuse of ...
TuxCare
a PRC flag flies in a stiff breeze

China Steals Defense Secrets ‘on Industrial Scale’

| | china, china espionage, China-linked Hackers, Chinese, Chinese Communists, chinese government, chinese hacker, Chinese hackers, Chinese Intelligence, Chinese state-sponsored hacking group, Chinese Threat Actors, ConnectWise, ConnectWise Vulnerabilities, CVE-2022-0185, CVE-2022-3052, CVE-2023-22518, CVE-2024-1709, Data Stolen By China, Dawn Calvary, f5, F5 BIG-IP, F5 BIG-IP vulnerability, Genesis Day, gov.uk, Mandiant, MSS, MSS Hackers, Peoples Republic of China, PRC, PRC Espionage, SB Blogwatch, ScreenConnect, Teng Snake, uk, UNC302, UNC5174, Uteus, Xiaoqiying
UNC5174 ❤ UNC302: CVSS 10 and 9.8 vulnerabilities exploited by Chinese threat actor for People’s Republic ...
Security Boulevard

VulnCheck’s Free Community KEV & CVE APIs (Code & Golang CLI Utility)

| | APIs, Cybersecurity, Vulnerabilities
VulnCheck has some new, free API endpoints for the cybersecurity community. Two extremely useful ones are for their extended version of CISA’s KEV, and an in-situ replacement for NVD’s sad excuse for ...
rud.is

Unsafelok Threat Highlights It’s About Both IoT Devices and Applications

| | Blog, cyber, iot, remediation, Vulnerabilities
IoT devices and applications exist all over the place, and in high volume.  Today’s news brought yet another example of how the scale of IoT systems leads to the conclusion that their ...
Viakoo, Inc
A green worm on a juicy red apple

Apple M-Series FAIL: GoFetch Flaw Finds Crypto Keys

| | Apple, apple bug, Apple Data Security, apple hack, apple hacker, Apple iOS, Apple iPad, ARM, cache, dmp, GoFetch, iPad, M1, M2, M3, Macintosh, macos, SB Blogwatch
GoFAIL: Researchers worm their way into broken cache-filling microcode in most Macs and iPads ...
Security Boulevard
Public washroom faucets

EPA and White House Raise Alarm on Water Cybersecurity

| | Critical Infrastructure, critical infrastructure assets, critical infrastructure attack, Critical Infrastructure Cyber security, Critical Infrastructure Cybersecurity, Drinking Water, Environmental Protection Agency, EPA, ICS, operational technologies, OT, public water systems, SB Blogwatch, wastewater, water, water distribution systems, Water industry, water infrastructure, White House
Iran and China fingered: Biden admin. chides governors: Water infra. lacks “even basic cybersecurity precautions.” ...
Security Boulevard
Get a demo

How Real-Time Personal Cybersecurity Incident Response Mitigates Lateral Attacks for Corporate Executives

| | Cybersecurity, Digital Executive Protection, Executive Online Protection, Personal Cybersecurity, Vulnerabilities
The cybersecurity landscape is more volatile and complex than ever before. Corporate executives, often targeted due to their high-profile positions and access to sensitive information, find themselves at the forefront of cyber ...
BlackCloak | Protect Your Digital Life™

CISA Adds JetBrains TeamCity Vulnerability To KEV Catalog

| | authentication bypass, Business Resilience, CVE-2024-27198, CVE-2024-27199, Cyber Threats, Cybersecurity News, Endpoint security, JetBrains TeamCity, patch management, risk mitigation, Software Security, Vulnerability Management
The US Cybersecurity and Infrastructure Security Agency (CISA) has flagged a critical JetBrains TeamCity vulnerability, emphasizing the urgent need for users to take preventive measures. The recently discovered flaw has been added ...
TuxCare
Load more