API security

Page 8. Back to first page.

Novel malware enables C2 communications by exploiting GTP

SC StaffMarch 1, 2024

A newly discovered Linux malware dubbed GTPDOOR can establish command-and-control communications in compromised devices by leveraging the GPRS Tunnelling Protocol,

Firewalls, Routers

CISA warns of root persistence in hacked Ivanti devices

SC StaffMarch 1, 2024

CISA urged enterprises to weigh the risks of continued use of previously compromised Ivanti VPN appliances.

API security

GitHub battles massive attack of malware repos

SC StaffFebruary 29, 2024

GitHub is having difficulty stopping an ongoing attack impacting millions of code repositories.

Microsoft fixes six critical bugs on Patch Tuesday

API security

Lazarus Group exploits Dell driver to bypass Windows security

SC StaffFebruary 29, 2024

North Korean threat actor organization the Lazarus Group used a zero-day vulnerability in the Windows AppLocker driver,

close up on man hand type password on keyboard computer desktop to access VPN mode

API security

Chinese threat actors continue exploiting Ivanti VPN flaws using new malware

SC StaffFebruary 29, 2024

Ivanti addressed the flaws on Jan. 31 and patched a fifth vulnerability in its enterprise VPN and network access products roughly a week later.

API security

Millions of WordPress sites vulnerable to compromise due to plugin bug

SC StaffFebruary 28, 2024

Five million WordPress sites could be compromised due to an unauthenticated site-wide cross-site scripting flaw in the LiteSpeed Cache plugin.

API security

Hacked Ubiquiti routers leveraged in APT28 cyber operations

SC StaffFebruary 28, 2024

Hijacked Ubiquiti EdgeRouters were reported by the FBI, National Security Agency, U.S. Cyber Command, and other law enforcement agencies around the world to have been exploited by Russian state-sponsored threat operation APT28.