Threat researcher Kevin Beaumont has been tracking attacks against various companies, including the Industrial and Commercial Bank of China (ICBC), DP World, Allen & Overy, and Boeing, and found they had something in common. These were exposed Citrix servers vulnerable to the Citrix Bleed flaw, which he says the LockBit Read more…
Malicious actors have been abusing Ethereum’s ‘Create2’ function to bypass wallet security alerts and poison cryptocurrency addresses, which led to stealing $60,000,000 worth of cryptocurrency from 99,000 people in six months. This is reported by Web3 anti-scam specialists at ‘Scam Sniffer,’ who observed several cases of in-the-wild exploitation of the Read more…
The FBI and CISA revealed in a joint advisory that the Royal ransomware gang has breached the networks of at least 350 organizations worldwide since September 2022. In an update to the original advisory published in March with additional information discovered during FBI investigations, the two agencies also noted that Read more…
The Common Vulnerability Scoring System (CVSS) is an open standard for assessing the severity of computer security vulnerabilities. CVSS scores are used by organizations and individuals around the world to prioritize vulnerability remediation and make informed security decisions. On November 1, 2023, the Forum of Incident Response and Security Teams Read more…
November 1st, 2023 – Critical in the interface between supplier and consumer, CVSS provides a way to capture the principal characteristics of a security vulnerability and produces a numerical score reflecting its technical severity to inform and provide guidance to businesses, service providers, government, and the public. The numerical score Read more…