Ivanti warns of a new actively exploited zero-day
Ivanti warns of two new vulnerabilities in its Connect Secure and Policy Secure products, one of which is actively exploited…
Security
CFPB’s Proposed Data Rules
In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial…
Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware
Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. In early…
Data leak at fintech giant Direct Trading Technologies
Sensitive data and trading activity of over 300K traders leaked online by international fintech firm Direct Trading Technologies. Direct Trading…
Root access vulnerability in GNU Library C (glibc) impacts many Linux distros
Qualys researchers discovered a root access flaw, tracked as CVE-2023-6246, in GNU Library C (glibc) affecting multiple Linux distributions. The…
Italian data protection authority said that ChatGPT violated EU privacy laws
Italian data protection authority regulator authority Garante said that ChatGPT violated European Union data privacy regulations. The Italian data protection…
New Images of Colossus Released
GCHQ has released new images of the WWII Colossus code-breaking computer, celebrating the machine’s eightieth anniversary (birthday?). News article.
750 million Indian mobile subscribers’ data offered for sale on dark web
Data of 750 million Indian mobile subscribers was offered for sale on dark web hacker forums earlier in January. CloudSEK…
Server-Side Template Injection Vulnerability in Confluence Data Center and Server (CVE-2023-22527)
Introduction On January 16 2024, Atlassian issued a significant alert on a critical Server-Side Template Injection (SSTI) vulnerability in Confluence…
Juniper Networks released out-of-band updates to fix high-severity flaws
Juniper Networks released out-of-band updates to fix high-severity flaws in SRX Series and EX Series that can allow attackers to…