Unmasking the Dark Side of Low-Code/No-Code Applications

18/12/2023 0 Comments 0 tags

Low-code/no-code (LCNC) and robotic process automation (RPA) have gained immense popularity, but how secure are they? Is your security team paying enough attention in an era of rapid digital transformation,

CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats

18/12/2023 0 Comments 0 tags

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on internet-exposed systems altogether, citing severe risks that could be exploited by malicious actors to

MongoDB Suffers Security Breach, Exposing Customer Data

17/12/2023 0 Comments 0 tags

MongoDB on Saturday disclosed it’s actively investigating a security incident that has led to unauthorized access to “certain” corporate systems, resulting in the exposure of customer account metadata and contact

Google’s New Tracking Protection in Chrome Blocks Third-Party Cookies

17/12/2023 0 Comments 0 tags

Google on Thursday announced that it will start testing a new feature called “Tracking Protection” beginning January 4, 2024, to 1% of Chrome users as part of its efforts to deprecate

New Security Vulnerabilities Uncovered in pfSense Firewall Software – Patch Now

17/12/2023 0 Comments 0 tags

Multiple security vulnerabilities have been discovered in the open-source Netgate pfSense firewall solution called pfSense that could be chained by an attacker to execute arbitrary commands on susceptible appliances. The

Bug or Feature? Hidden Web Application Vulnerabilities Uncovered

17/12/2023 0 Comments 0 tags

Web Application Security consists of a myriad of security controls that ensure that a web application: Functions as expected. Cannot be exploited to operate out of bounds. Cannot initiate operations

Crypto Hardware Wallet Ledger’s Supply Chain Breach Results in $600,000 Theft

17/12/2023 0 Comments 0 tags

Crypto hardware wallet maker Ledger published a new version of its “@ledgerhq/connect-kit” npm module after unidentified threat actors pushed malicious code that led to the theft of more than $600,000 in virtual

New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks

17/12/2023 0 Comments 0 tags

A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the

Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds

17/12/2023 0 Comments 0 tags

Microsoft is warning of an uptick in malicious activity from an emerging threat cluster it’s tracking as Storm-0539 for orchestrating gift card fraud and theft via highly sophisticated email and SMS phishing

China’s MIIT Introduces Color-Coded Action Plan for Data Security Incidents

17/12/2023 0 Comments 0 tags

China’s Ministry of Industry and Information Technology (MIIT) on Friday unveiled draft proposals detailing its plans to tackle data security events in the country using a color-coded system. The effort is designed