Latest Cybersecurity News and Articles

Smishing Campaigns Exploit Cellular Routers to Target Belgium

A wave of smishing attacks has been traced to exploited Milesight Industrial Cellular Routers, with attackers abusing their APIs to send phishing SMS messages. These campaigns primarily target Belgian users.

Google Project Zero Exposes ASLR Bypass Vulnerability in Apple’s Serialization Framework

Researchers have uncovered a novel technique to bypass Address Space Layout Randomization (ASLR) in Apple devices by exploiting deterministic behaviors in the NSKeyedArchiver and NSKeyedUnarchiver serialization frameworks.

Festo CPX-CEC-C1 and CPX-CMXX

A critical vulnerability (CVE-2022-3079) has been identified in Festo CPX-CEC-C1 and CPX-CMXX control blocks. This flaw allows unauthenticated, remote access to critical webpage functions, potentially resulting in a denial of service (DoS).

Hack of US Surveillance Provider RemoteCOM Exposes Court Data

A significant data breach has compromised RemoteCOM, a US-based surveillance provider, exposing highly sensitive data of nearly 14,000 individuals under court supervision and 6,896 law enforcement personnel.

Tesla Fixes TCU USB Flaw Allowing Root Access

A critical vulnerability in Tesla’s TCU allowed attackers with physical access to gain root-level code execution. The flaw has been patched via an over-the-air (OTA) update.

WestJet confirms recent breach exposed customers' passports

A recent cybersecurity incident at Canadian airline WestJet has resulted in the exposure of sensitive customer data, including passport and government-issued ID information. The breach has been confirmed to involve personal data exfiltration.

New MatrixPDF toolkit turns PDFs into phishing and malware lures

A new phishing and malware distribution toolkit named MatrixPDF has emerged, enabling threat actors to weaponize PDF files for credential theft and malware delivery. It embeds JS actions that execute when a document is opened.

$50 Battering RAM Attack Breaks Intel and AMD Cloud Security Protections

A newly disclosed hardware-based attack, dubbed Battering RAM, enables attackers to bypass memory encryption protections in Intel SGX and AMD SEV-SNP technologies. It leverages a low-cost DDR4 interposer to manipulate memory access.

UK government to be guarantor for Jaguar Land Rover loan as it recovers from cyberattack

The British government announced it is underwriting a loan for auto manufacturer Jaguar Land Rover (JLR) as the company and its supply chain attempt to recover from the disruption caused by a cyberattack earlier this month.

Ransomware gang sought BBC reporter’s help in hacking media giant

Cybersecurity correspondent Joe Tidy revealed in a story on the BBC that the hackers wanted to use his laptop to breach the British public-service broadcaster's network and then ask for a ransom.

Defend Against Threats with Cyber Fusion

Cyware is the leading provider of cyber fusion solutions that power threat intelligence sharing , end-to-end automation and 360-degree threat response.

Trending Tags