Tips to avoid Christmas scams During Black Friday and Cyber Monday you probably noticed that your email inbox was even busier than ever. Desperate to boost sales, retailers have been emailing all of their contacts with their latest offers. And if you looked closely, you may have noticed some of those messages were not what they seemed. Cybercriminals love Ch

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-6345, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day, tracked as CVE-2023-6345, in the Chrome browser. The CVE-2023-5217 is a high-severity integer overflow in Skia. Skia is

Web server security is the cornerstone of a robust online presence. In an era dominated by digital interactions, the integrity and protection of web servers have never been more critical.  The ever-evolving landscape of cyber threats demands unwavering vigilance and proactive measures to safeguard sensitive data, maintain uptime, and ensure uninterru

Thousands of secrets have been left exposed on Docker Hub, a platform where web developers collaborate on their code for web applications. While some are harmless API keys, others could lead to unauthorized access, data breaches, or identity theft, the latest Cybernews research reveals. The Docker Hub store has at least 5,493 container images that contain

The US Healthcare provider Ardent Health Services disclosed that it was the victim of a ransomware attack last week. Ardent Health Services is a healthcare company that operates hospitals and other medical facilities in the United States. It is a for-profit health system with a focus on acquiring, managing, and improving hospitals. Ardent Health Services

Dear list members,we are looking for voluntary participants for our survey, which was developed in the context of a master thesis at the University of Erlangen-Nuremberg.The goal of the survey is to determine potential difficulties that may occur when dealing with security advisories.The focus of the study lies on the acquisition and maintenance of security

Ukraine’s intelligence service announced the hack of the Russian Federal Air Transport Agency, ‘Rosaviatsia.’ Ukraine’s intelligence service announced they have hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia.’ The attack is the result of a complex special cyber operation. “The Defence Intellig

Threat actors breached the Municipal Water Authority of Aliquippa in Pennsylvania and took control of a booster station. During the weekend, Iranian threat actors hacked the Municipal Water Authority of Aliquippa (MWAA) and took control of one of their booster stations. The Authority pointed out that the attack did not impact the operations at the faci

Last week on Malwarebytes Labs: Windows Hello fingerprint authentication can be bypassed on popular laptops Citrix Bleed widely exploitated, warn government agencies Chrome pushes forward with plans to limit ad blockers in the future $19 Stanley cup deal is a Black Friday scam Malwarebytes consumer product roundup: The latest Explained: Pr

The cyber attack that hit the managed service provider (MSP) CTS potentially impacted hundreds in the United Kingdom. CTS is a trusted provider of IT services to the legal sector in the UK. The company announced that it is investigating a cyber attack that caused a service outage. The incident impacted a portion of the services. The security incident p

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Rhysida ransomware gang claimed China Energy hackNorth Korea-linked APT Lazarus is using a MagicLine4

Almost a million files with minors’ data, including home addresses and photos were left open to anyone on the internet, posing a threat to children. During a recent investigation, the Cybernews research team discovered that IT company Appscook – which develops applications used by more than 600 schools in India and Sri Lanka for education management

Microsoft announced this week it will pay up to $20,000 for security vulnerabilities in its Defender products. Microsoft launched its new Microsoft Defender Bounty Program with a focus on Defender products and services. The company will pay up to $20,000 for the vulnerabilities in its Defender products. The bug bounty program starts with Defender for E

Researchers warn of publicly exposed Kubernetes configuration secrets that could pose a threat of supply chain attack for organizations. Aqua Nautilus researchers warn of publicly exposed Kubernetes configuration secrets that put organizations at risk of supply chain attacks. The experts noticed that these misconfigurations impact hundreds of organizat

In today’s mobile-centric world, we rely on smartphone apps for just about everything – from ordering food to managing our finances. However, behind the scenes, there’s an ongoing battle to keep these apps safe from cyber threats. This battle is what we call “Mobile Application Security Testing.” Did you know that in 2022, mobile a