Application Security

Beware of Malicious Packages: TurkoRat Malware Concealed in npm Repository

Dimitris Gkoutzamanis - May 19, 2023

Recently, two packages named nodejs-encrypt-agent and nodejs-cookie-proxy-agent were detected on the npm package repository. Shockingly, these packages contained a dangerous information stealer malware known...

Application Security

Beware of Malicious Loaders: Android Apps Infected with Trojanized Malware

TheCISO - April 11, 2023

As the number of mobile phone users is increasing, so is the number of security threats that come along with it. Criminals have found...

Application Security

Protect Your Network Now: US CISA Adds Veritas Backup Exec Vulnerabilities to Its Exploited Vulnerabilities Catalog

TheCISO - April 9, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) in the US has recently updated its Known Exploited Vulnerabilities Catalog to include five new issues that...

Application Security

Beware of Nexus: A New Android Banking Trojan Targeting Financial Apps

Dimitris Gkoutzamanis - March 26, 2023

Introduction to Nexus A newly discovered Android banking trojan called Nexus is causing havoc in the financial industry. Cybersecurity analysts at Cleafy detected the...

Application Security

New PerlBot Malware Targeting Poorly Managed Linux SSH Servers

Dimitris Gkoutzamanis - March 23, 2023

AhnLab Security Emergency Response Center (ASEC) has uncovered a new variant of the ShellBot malware, which is also known as PerlBot. This Perl-based DDoS...

Application Security

Protect Yourself from Bitwarden’s Risky Autofill Feature

Dimitris Gkoutzamanis - March 11, 2023

Bitwarden, a popular open-source password management service, has a potentially dangerous security flaw that could allow threat actors to steal login credentials through malicious...

News

HeadCrab Malware Threatens Redis Servers

TheCISO - February 5, 2023

A new type of malware, dubbed "HeadCrab", has been discovered by Nitzan Yaakov and Asaf Eitani, researchers at Aqua Security. It is designed to...

Vulnerabilities

Critical Vulnerability Discovered in Jira Service Management Server and Data Center

TheCISO - February 4, 2023

A critical security vulnerability has been discovered in Jira Service Management Server and Data Center, which has been assigned the CVE identifier CVE-2023-22501 and...

Application Security

Zero-Day Vulnerability Found in Fortra’s GoAnywhere MFT

TheCISO - February 4, 2023

A dangerous zero-day vulnerability has been discovered in Fortra's GoAnywhere Managed File Transfer (MFT) application and is currently being actively exploited. Security reporter Brian...

Application Security

Apple Announces New Security Features

TheCISO - December 11, 2022

Apple has announced the introduction of three new advanced security features focused on protecting against threats to user data in the cloud. “At Apple, we...

News

Half of Twitter’s Workers Have Access to Its Code And User Confidential Data

TheCISO - August 24, 2022

Twitter's former head of security accused the social media company and its executives of “extensive legal violations.” Peiter Zatko, Twitter’s head of security who was...

Articles

Three New Web Application Security Risks Climb Up The OWASP Top 10

Dimitris Gkoutzamanis - April 22, 2022

OWASP Top 10 is a standard awareness document which represent a consensus about the most critical security risks to web applications. For the year 2021,...

12 3 Page 1 of 3

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Application Security

Latest

Unveiling the Reign of GUI-vil: Financially Motivated Cyberthreat Group Targeting AWS Accounts

Former IT Security Analyst Turns Dark: Inside the Shocking Cyber Attack Hijack

Apple Restricting AI Tools to Safeguard Confidential Data

Unveiling the Resilience of Satellite Infrastructure: Ethical Hackers Expose Vulnerabilities

Meta Slapped with €1.2 Billion GDPR Penalty

Empowering Gmail Users: Dark Web Monitoring and Exciting Feature Upgrades from Google

The Powerful Phishing-as-a-Service Platform Targeting Microsoft 365 Users

Beware of Malicious Packages: TurkoRat Malware Concealed in npm Repository

Unveiling the Power-Packed Merdoor: Lancefly APT Group’s Custom Backdoor Wreaks Havoc in South and Southeast Asia

Discord Data Breach: Unveiling a Security Incident and Enhancing User Protection

Detecting Unquoted Service Paths: An Essential Security Measure for Penetration Testers and Blue Teams

Securing Cloud Data with a CASB: A Guide to Selection and Implementation

LockBit Ransomware Group Issues Unconditional Apology and Promises Free Decryptor for Victims

Trigona Ransomware: A Menacing Threat to Windows Users

Breach Alert: Kodi’s User Database Hacked and Stolen

Cyber Attack on NATO by KillNet: A Threat to Global Security

Unmasking the Cryptocurrency Stealer Malware: A Sophisticated Supply Chain Attack on .NET Developers

Beware of Malicious Loaders: Android Apps Infected with Trojanized Malware

Protect Your Apple Devices: Two Zero-Day Vulnerabilities Exploited by Hackers

Protect Your Network Now: US CISA Adds Veritas Backup Exec Vulnerabilities to Its Exploited Vulnerabilities Catalog

Menu

Popular Categories