Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities, discovered by Qualys, are
A new campaign is making use of Cloudflare Tunnel subdomains to host malicious payloads and deliver them via malicious attachments embedded in phishing emails. The ongoing campaign has been codenamed
A new multi-stage malware campaign is targeting Minecraft users with a Java-based malware that employs a distribution-as-service (DaaS) offering called Stargazers Ghost Network. “The campaigns resulted in a multi-stage attack
Cybersecurity researchers have exposed a previously unknown threat actor known as Water Curse that relies on weaponized GitHub repositories to deliver multi-stage malware. “The malware enables data exfiltration (including credentials,
For organizations eyeing the federal market, FedRAMP can feel like a gated fortress. With strict compliance requirements and a notoriously long runway, many companies assume the path to authorization is
A former U.S. Central Intelligence Agency (CIA) analyst has been sentenced to little more than three years in prison for unlawfully retaining and transmitting top secret National Defense Information (NDI)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday placed a security flaw impacting the Linux kernel in its Known Exploited Vulnerabilities (KEV) catalog, stating it has been actively
Iran has throttled internet access in the country in a purported attempt to hamper Israel’s ability to conduct covert cyber operations, days after the latter launched an unprecedented attack on
Veeam has rolled out patches to contain a critical security flaw impacting its Backup & Replication software that could result in remote code execution under certain conditions. The security defect,
A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper. The attack, observed in mid-March