Category: alerts
Cyber Security Monitor Alerts News Notifications. We monitor and send notifications on the latest Cyber Security alerts, blogs, news on data breaches and emerging cyber threats.
-
Automaker Cybersecurity Lagging Behind Tech Adoption, Experts Warn
A bug in Honda is indicative of the sprawling car-attack surface that could give cyberattackers easy access to victims, as global use of ‘smart car tech’ and EVs surges. Read more
-
QNAP Customers Adrift, Waiting on Fix for OpenSSL Bug
QNAP is warning clients that a recently disclosed vulnerability affects most of its NAS devices, with no mitigation available while the vendor readies a patch. Read more
-
Critical RCE Bug in Spring Could Be the Next Log4Shell, Researchers Warn
The so-called ‘Spring4Shell’ bug has cropped up, so to speak, and could be lurking in literally millions of Java applications. Read more
-
Cyberattackers Target UPS Backup Power Devices in Mission-Critical Environments
The active attacks could result in critical-infrastructure damage, business disruption, lateral movement and more. Read more
-
Google Chrome Bug Actively Exploited as Zero-Day
The internet giant issued an update for the bug, which is found in the open-source V8 JavaScript engine. Read more
-
FBI Releases PIN on Phishing Campaign against U.S. Election Officials
Original release date: March 30, 2022 The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to warn U.S. election and other state and local government officials about invoice-themed phishing emails that could be used to harvest officials’ login credentials. CISA encourages federal, state, and local government officials to review FBI PIN:… Read more
-
Log4JShell Used to Swarm VMware Servers with Miners, Backdoors
Researchers have found three backdoors and four miners in attacks exploiting the Log4Shell vulnerability, some of which are still ongoing. Read more
-
Mitigating Attacks Against Uninterruptable Power Supply Devices
Original release date: March 29, 2022 CISA and the Department of Energy (DOE) are aware of threat actors gaining access to a variety of internet-connected uninterruptable power supply (UPS) devices, often through unchanged default usernames and passwords. Organizations can mitigate attacks against their UPS devices, which provide emergency power in a variety of applications when… Read more
-
Exchange Servers Speared in IcedID Phishing Campaign
The ever-evolving malware shows off new tactics that use email thread hijacking and other obfuscation techniques to provide advanced evasion techniques. Read more
-
CISA Adds 32 Known Exploited Vulnerabilities to Catalog
Original release date: March 28, 2022 CISA has added 32 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog,… Read more