Dangerous XSS Bugs in RedCAP Threaten Academic & Scientific Research – Dark Reading
The security vulnerabilities, CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396, could lay open proprietary and sensitive research to data thieves. – Read More
July 2024
DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight – The Hacker News
Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital…
Would Making Ransom Payments Illegal Result in Fewer Attacks? – Dark Reading
If paying a ransom is prohibited, organizations won’t do it — eliminating the incentive for cybercriminals. Problem solved, it seems. Or is it? – Read More
North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS – The Hacker News
The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. The activity cluster,…
Don’t Let Your Domain Name Become a “Sitting Duck” – Krebs on Security
More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at…
Dynamically Evolving SMS Stealer Threatens Global Android Users – Dark Reading
A network of more than 2,600 Telegram bots has helped exfiltrate one-time passwords and data from devices for more than two years. – Read More
Definely secures £585,000 Innovate UK grant – Legal IT Insider
UK-founded legal tech startup Definely has been awarded a £585,000 grant from Innovate UK. The funding, which closely follows Definely’s $7m Series A in May, will support Definely’s focus on…
Hottest selling product on the darknet: Hacked gen AI accounts – CSO Online
Cybercriminals looking to abuse the power of generative AI to build phishing campaigns and sophisticated malware can now purchase easy access to them from underground marketplaces as large numbers of…
Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware – The Hacker News
Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under…
How To Get the Most From Your Security Team’s Email Alert Budget – The Hacker News
We’ll TL;DR the FUDdy introduction: we all know that phishing attacks are on the rise in scale and complexity, that AI is enabling more sophisticated attacks that evade traditional defenses,…
Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes – The Hacker News
A new malicious campaign has been observed making use of malicious Android apps to steal users’ SMS messages since at least February 2022 as part of a large-scale campaign. The…
Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova – The Hacker News
Companies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy. The findings come from cybersecurity firm F.A.C.C.T.,…
World’s largest law firm sees revenue growth – Legal Cheek
Dentons continues City trend of positive financial gains The world’s largest law firm by lawyer headcount has seen revenues increase over the past financial year, thanks in part to an…
Supporting public authorities to be open and transparent – ICO News
Around this time last year, I wrote about our new Upstream Regulation team and our focus on supporting public authorities to be open and accountable with the public they serve.…
7 top cloud security threats — and how to address them – CSO Online
For any enterprise relying on the cloud to accommodate a rapidly growing number of services, ensuring security is a top priority. Yet as most cloud adopters soon realize, migrating to…