Nearly 250,000 Records From Tax Credit Consulting Agency Exposed
Research has uncovered an unencrypted, non-password-protected database containing 245,949 records.
Train Hack Gets Proper Attention After 20 Years: Researcher
A vulnerability affecting systems named End-of-Train and Head-of-Train can be exploited by hackers to cause trains to brake. The post Train Hack Gets Proper Attention After 20 Years: Researcher appeared first on SecurityWeek.
CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA
CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog. The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek.
Google Gemini Tricked Into Showing Phishing Message Hidden in Email
Google Gemini for Workspace can be tricked into displaying a phishing message when asked to summarize an email. The post Google Gemini Tricked Into Showing Phishing Message Hidden in Email appeared first on SecurityWeek.
4 Critical, Known Exploited Vulnerabilities Added to KEV Catalog
CISA added 4 new vulnerabilities to the Known Exploited Vulnerabilities (KEV) Catalogue, citing evidence of active exploitation.
⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
In cybersecurity, precision matters—and there’s little room for error. A small mistake, missed setting, or quiet misconfiguration can quickly lead to much bigger problems. The signs we’re seeing this week highlight deeper issues behind what might look like routine incidents: outdated tools, slow response to risks, and the ongoing gapRead More »⚡ Weekly Recap: Scattered Spider Arrests, Car Exploits, macOS Malware, Fortinet RCE and More
New Interlock RAT Variant Distributed via FileFix Attacks
The Interlock ransomware group has partnered with the KongTuke TDS to distribute a new RAT variant via FileFix attacks. The post New Interlock RAT Variant Distributed via FileFix Attacks appeared first on SecurityWeek.
Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment
Vulnerabilities in Gigabyte firmware implementations could allow attackers to disable Secure Boot and execute code during the early boot phase. The post Flaws in Gigabyte Firmware Allow Security Bypass, Backdoor Deployment appeared first on SecurityWeek.
Louis Vuitton Data Breach Hits Customers in Several Countries
Louis Vuitton customers in the UK, South Korea, Turkey and possibly other countries are being notified of a data breach. The post Louis Vuitton Data Breach Hits Customers in Several Countries appeared first on SecurityWeek.
Forensic journey: Breaking down the UserAssist artifact structure
Introduction As members of the Global Emergency Response Team (GERT), we work with forensic artifacts on a daily basis to conduct investigations, and one of the most valuable artifacts is UserAssist. It contains useful execution information that helps us determine and track adversarial activities, and reveal malware samples. However, UserAssistRead More »Forensic journey: Breaking down the UserAssist artifact structure