Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor’s Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in Zimbra’s postjournal service that could enable unauthenticated attackers to execute arbitrary commands on
Read More
A new set of malicious packages has been unearthed in the Python Package Index (PyPI) repository that masqueraded as cryptocurrency wallet recovery and management services, only to siphon sensitive data and facilitate the theft of valuable digital assets. “The attack targeted users of Atomic, Trust Wallet, Metamask, Ronin, TronLink, Exodus, and other prominent wallets in
Read More
Attackers are increasingly turning to session hijacking to get around widespread MFA adoption. The data supports this, as: But session hijacking isn’t a new technique – so what’s changed? Session hijacking has a new look# When we think of the classic example of session hijacking, we think of old-school Man-in-the-Middle (MitM) attacks that involved snooping on
Read More
The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users’ passwords in plaintext in its systems. The investigation, launched by the DPC the next month, found that the social media giant violated four different
Read More
Our mission is to educate our customer base, build capacity in every country we operate in and make cyber security affordable to all