by Beck Bailey | Sep 4, 2023 | RSS
Cybersecurity researchers have called attention to a new antivirus evasion technique that involves embedding a malicious Microsoft Word file into a PDF file. The sneaky method, dubbed MalDoc in PDF by JPCERT/CC, is said to have been employed in an in-the-wild attack...
by Beck Bailey | Sep 4, 2023 | RSS
A new large-scale smishing campaign is targeting the U.S. by sending iMessages from compromised Apple iCloud accounts with an aim to conduct identity theft and financial fraud. “The Chinese-speaking threat actors behind this campaign are operating a package-tracking...
by Beck Bailey | Sep 3, 2023 | RSS
Proof-of-concept (PoC) exploit code has been made available for a recently disclosed and patched critical flaw impacting VMware Aria Operations for Networks (formerly vRealize Network Insight). The flaw, tracked as CVE-2023-34039, is rated 9.8 out of a maximum of 10...
by Beck Bailey | Sep 2, 2023 | RSS
Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions. “In recent weeks, multiple US-based Okta customers have reported a consistent pattern of social engineering...
by Beck Bailey | Sep 1, 2023 | RSS
The National Cyber Security Centre provides details on prompt injection and data poisoning attacks so organizations using machine-learning models can mitigate the risks.
Recent Comments