My Courses
-
DOJ charges 22-year-old accused RapperBot botmaster
A 22-year-old man from Oregon, Ethan Foltz, has been charged with allegedly developing and managing a distributed denial-of-service (DDoS)-for-hire botnet known as RapperBot. The U.S….
-
Apache ActiveMQ exploit allows DripDropper installation on Linux cloud systems
Threat actors are exploiting a nearly two-year-old security flaw in Apache ActiveMQ to gain persistent access to cloud Linux systems and deploy malware known as…
-
AWS Trusted Advisor vulnerability hides public S3 buckets
AWS’s Trusted Advisor tool is designed to alert customers about the public exposure of their S3 storage buckets. However, recent findings by Fog Security researchers…
-
FBI alleges Russian APT group exploiting old Cisco vulnerability (CVE-2018-0171)
Russian state-sponsored hackers, identified as Static Tundra, have been actively exploiting a seven-year-old vulnerability in Cisco devices, specifically CVE-2018-0171. This critical flaw allows attackers to…
-
Git version 2.51: Getting ready for the future by incorporating SHA-256.
Git 2.51 has been released, continuing the ongoing effort to modernise the version control system. This update introduces several technical enhancements, with a significant focus…
-
VPN applications for Android, widely utilized by millions of users, are secretly maintaining connections and are vulnerable to security issues.
A recent study by researchers from Arizona State University and Citizen Lab has revealed that three families of Android VPN apps, collectively boasting over 700…
-
United Kingdom government withdraws Apple backdoor request
The U.K. government has reportedly abandoned its plans to compel Apple to weaken encryption protections and implement a backdoor that would allow access to the…
-
URL-based and QR code phishing increasing
Cybercriminals are increasingly employing advanced social engineering techniques and AI-generated content to create malicious URLs that are difficult for users to identify, according to Proofpoint….
-
CISOs must consider potential risks before hastily adopting AI technologies.
Organisations are increasingly investing in cloud, AI, and emerging technologies, yet their infrastructure and security strategies often lag behind. A recent Unisys survey of 1,000…
-
AI browsers scammed by PromptFix attacks run malicious hidden prompts
Cybersecurity researchers have unveiled a new prompt injection technique known as PromptFix. This method deceives a generative artificial intelligence (GenAI) model by embedding malicious instructions…