A finance worker at a multinational firm was tricked into paying out $25 million to fraudsters using deepfake technology to pose as the company’s chief financial officer in a video conference call, according to Hong Kong police.
Four vulnerabilities collectively called "Leaky Vessels" allow hackers to escape containers and access data on the underlying host operating system.
The flaws were discovered by Snyk security researcher Rory McNamara in November 2023, who reported them to impacted parties for fixing.
Snyk has found no signs of active exploitation of the Leaky Vessels flaws in the wild, but the publicity could change the exploitation status, so all impacted system admins are recommended to apply the available security updates as soon as possible.
Summary Chaining of three vulnerabilities allows unauthenticated attackers to execute arbitrary command with root privileges on Zyxel VPN firewall (VPN50, VPN100, VPN300, VPN500, VPN1000). Due to recent attack surface changes in Zyxel, the chain described below broke and become unusable – we have decided to disclose this even though it is no longer exploitable. Credit … SSD Advisory – Zyxel VPN Series Pre-auth Remote Command Execution Read More »
Explore the shift in phishing from Dark web to Telegram, where cybercriminals trade tools and data, and uncover Guardio's insights on countering this menace.
À la suite d’une cyberattaque ayant touché SolarWinds Corp., la SEC a déposé une action civile contre la société qui aurait trompé les investisseurs sur ses pratiques en matière de cybersécurité. Cette action civile met en évidence, d’une part, les mauvaises pratiques adoptées par la société, et d’autre part, l’importance accrue que la SEC porte sur les informations en matière de cybersécurité que les sociétés publient à l’attention des investisseurs.
Resecurity identified bad actors offering a significant number of AnyDesk customer credentials for sale on the Dark Web.
