Category: Cybersecurity News
-
Apple’s iOS 18.2, iPadOS 18.2 & macOS 15.2 Updates Include Critical Security Patches
Apple has rolled out its iOS 18.2, iPadOS 18.2 and macOS 15.2 updates with a whole set of new features for its Apple AI Intelligence, along with several critical security patches across a wide range of devices. This new update brings optimizations, AI, and enhancements to privacy and security resolving issues that could have allowed…
-
Microsoft Patch Tuesday Update Fixes Many Security Vulnerabilities, Flaws Including CLFS, LDAP Bugs
Microsoft has released it’s Patch Tuesday December update, usually available on the second Tuesday of every month, with a bunch of security updates and patches. Many of the patches are for vulnerabilities with at least a medium severity CVSS (Common Vulnerability Scoring System) score (most are over 6.0 on a scale of 1-10, 10 being…
-
Zero-Day Vulnerability in Cleo File Transfer Software Found
A critical vulnerability has been found in Cleo’s file transfer software Harmony, VLTrader, and LexiCom affecting versions 5.8.0.21. Researches at Huntress identified this flaw, which exists in its lack of restrictions in uploading and downloading, that allows remote code execution. In their proof of concept, they found attack indictations in the installation logs. These logs…
-
Krispy Kreme Hit With Cyberattack Affecting Online Orders
Krispy Kreme, the popular doughnut and coffee chain restaurant, has been hit with a cyberattack affecting their online systems. This has been impacting their order fulfillment process for online orders. In an recent filing, they confirmed recent unauthorized access within their IT systems which may have an impact on earnings. Krispy Kreme is currently investigating…
-
0patch Offers Patch for Windows NTLM Zero-Day Vulnerability
A zero-day vulnerability affecting many Windows versions from Windows 7 to Windows 11, has been found by researches at 0patch. A zero-day is a vulnerability that doesn’t have an official fix yet, so it is exploitable and possibly being actively used in the wild. According to their post, the vulnerability exists in just the viewing…
-
Security Agencies Issue Guidance on Recent China-Affiliated Telecom Hacks
U.S. security and cybersecurity agencies (along with international partners) have issued a guidance in response to confirmed infiltration on telecom communication systems by China, officially known as People’s Republic of China (PRC),-affiliated groups. While the infiltration was only able to gather meta data such as call records, it was further targeting users involved in government…
-
DroidBot, a Malware-as-a-Service (MaaS), Is Targeting Banking, Crypto Apps
A new Android malware is making rounds and attempting to steal information from unsuspecting users and installs. Being classified as DroidBot, it’s a Remote Access Tool (RAT) utilized in a Malware-as-a-Service (MaaS) model and being used by hacking affiliated groups. Malware-as-a-Service is a subscription model used by hackers and cybercriminals selling their specialized tools and…
Categories:
Have any comments or suggestions? Feel free to let us know!
