Cisco has issued a security advisory regarding a critical remote code execution (RCE) vulnerability, dubbed “regreSSHion,” that affects multiple products. The vulnerability tracked as CVE-2024-6387, was disclosed by the Qualys Threat Research Unit on July 1, 2024. It impacts the OpenSSH server (sshd) in glibc-based Linux systems and has the potential to allow unauthenticated attackers…
Hackers add more devices to the network of slave digital devices, which would do what hackers want them to do. These networks, called botnets, launch large-scale cyberattacks, including the dreaded Distributed Denial of Services (DDoS). Now Dark web peers are selling botnets at throw-away prices ranging from $99 on the Dark Web, according to cybersecurity…
Investment scams primarily operate through social media and messaging platforms like WhatsApp and Telegram. CloudSEK found a surge in malicious content on these platforms — over 29,000 fraudulent ads on Facebook and a 81,000 fake investment groups on WhatsApp. The report covers an in-depth report exposing a troubling rise in investment scams targeting individuals in…
Shockwaves from the Russian government’s hack of Microsoft’s corporate infrastructure continue to spread with news that the software giant is notifying surprised customers that their emails were also stolen by the Midnight Blizzard hackers. According to published reports, Redmond’s incident response team is providing a secure portal for customers to view specifics of emails stolen…
A team of researchers from the University of California San Diego has published a paper detailing a novel attack method targeting Intel CPUs. The chip giant says no new mitigations are required to address it. The new attack, named Indirector, is similar to the well-known Spectre v2 or Spectre Branch Target Injection (BTI) attack. These methods typically allow…
The Indian Computer Emergency Response Team has found multiple vulnerabilities in the Microsoft Edge browser. As per the agency, these vulnerabilities could potentially be exploited by an attacker to compromise the targeted system. After warning Android users of vulnerability, the Indian Computer Emergency Response Team (CERT-In), which operates under the Ministry of Electronics & Information…
SANS-GIAC Workforce research report for the year 2024 is based on a first-of-its-kind survey that analyzed the cybersecurity workforce with the goal of identifying the key factors to successfully build high-performing cybersecurity teams. The report focuses on efforts to hire and retain mid-level cyber security professionals The survey results analysed in this report zero in…
The Bengaluru office now stands as the company’s second-largest globally, following its headquarters in Tel Aviv, Israel. As per the company India’s cyber security market is rapidly evolving, driven by increasingly sophisticated cyber threats. Check Point Software Technologies, a provider of cyber security solutions globally, has recently opened its new office in Bengaluru, to meet the…
During the Hajj season, there is an increased risk of online scams targeting individuals who are planning to make the pilgrimage to Mecca. Fraudsters employ various tactics to deceive and defraud unsuspecting pilgrims. According to the Association of British Travel Agents (ABTA), every year, around 25,000 pilgrims from the UK travel to Saudi Arabia…
(Bloomberg) The Canadian government released its first-ever cybersecurity strategy on Wednesday, with the aim of addressing challenges posed by remote work, cloud computing, aging infrastructure and recruitment. The strategy, announced by Treasury Board President Anita Anand, concluded that government departments and agencies generally lacked “repeatable” processes to identify and respond to new and emerging cyber…
