21.7 C
Johannesburg

AA20-258A: Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity

Original release date: September 14, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) has consistently observed Chinese Ministry of State Security (MSS)-affiliated cyber threat actors using publicly available information sources...

Ransomware And Zoom-Bombing: Cyberattacks Disrupt Back-to-School Plans

Cyberattacks have caused several school systems to delay students' first day back - and experts warn that new COVID-related delays could be the new "snow days." Read more

CEOs Could Be Held Personally Liable for Cyberattacks that Kill

As IT systems, IoT and operational technology converge, attacks on cyber-physical systems in industrial, healthcare and other scenarios will come with dire consequences, Gartner predicts. Read more

Cisco Warns of Active Exploitation of Flaw in Carrier-Grade Routers

Multiple flaws in system software that causes errors in packet handling could allow an attacker to consume memory and crash devices. Read more

AA20-239A: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks

Original release date: August 26, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor...

Shoring Up the 2020 Election: Secure Vote Tallies Aren’t the Problem

With many in the public sphere warning about a potential compromise of the integrity of the Presidential Election, security researchers instead flag online resources and influence campaigns as the...

AA20-227A: Phishing Emails Used to Deploy KONNI Malware

Original release date: August 14, 2020SummaryThis Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) framework. See the ATT&CK for Enterprise framework for all referenced threat actor...

AA20-225A: Malicious Cyber Actor Spoofing COVID-19 Loan Relief Webpage via Phishing Emails

Original release date: August 12, 2020 | Last revised: August 14, 2020SummaryThe Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing...

Black Hat 2020: Satellite Comms Globally Open to $300 Eavesdropping Hack

Attackers can listen in on internet traffic for high-value targets a continent away, like shipping fleets and oil installations, using some basic home-television gear. Read more

Black Hat 2020: Using Botnets to Manipulate Energy Markets for Big Profits

Black Hat 2020 session discusses how high-wattage connected devices like dishwashers and heating systems can be recruited into botnets and used to manipulate energy markets. Read more

Latest article

CVE-2020-26116

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the...

CVE-2020-15213

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory...

CVE-2020-15211

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model...