Zimbra’s email suite flaw allows stealing login credentials
A security researcher for Sonarsource has discovered a high severity vulnerability impacting
Each week Zacco tracks the latest cyber security threats, current industry news or trends and insights into the latest protection best practice. The Cyber Security Digest is a weekly compilation of the most significant developments within both cybersecurity and digital protection space, with links to further information on how it might affect you, your company or your clients.
Essential reading for cyber security professionals, as well as the general public, to keep you informed of current events and emerging threats.
A security researcher for Sonarsource has discovered a high severity vulnerability impacting
1 million WordPress websites using a popular plugin Ninja forms have been
Microsoft released security patches for 56 vulnerabilities in June 2022. Out of
A group of highly sophisticated hackers based out of China has been
State-sponsored threat actors are exploiting the recently disclosed Microsoft vulnerability. The main targets of the threat actors are the users from Europe and US regions.
Multiple ransomware gangs are actively exploiting the recently disclosed Remote Code Execution vulnerability in Atlassian Confluence servers. An attacker can take over a vulnerable server by exploiting the OGNL injection vulnerability.
MIT researchers have discovered a flaw in the Apple M1 chip which has been dubbed PACMAN. A successful exploit could allow threat actors to execute arbitrary code execution on macOS systems.
Security researchers from the University of California San Diego have revealed for the first time that Bluetooth signals can be fingerprinted to track down smartphones there for individuals.
VPN service provider Express VPN on Friday said that it is removing Indian based VPN servers in response to the new cybersecurity directive issued by the Indian Computer Emergency Response Team (CERT-In).
There has been an increasing amount of interest in targeting the Windows Subsystem for Linux (WSL). Threat actors can connect to compromised systems through Telegram and can send messages to the compromised systems.
Security researchers from Volexity as part of an investigation on the attack that took place on Memorial Day weekend discovered the issue. Atlassian on Friday has addressed an actively exploited critical remote code execution flaw in Confluence Server and Data Centre products.
A new security vulnerability has been discovered in the UNISOC chipset that could potentially allow hackers to disrupt radio communications through a malformed packet.
Ivan Fratric from Google Project Zero discovered and reported the flaws in Zoom Video conferencing in February 2022. The severity scale ranged from 5.9 to 8.1. All four flaws have been addressed and fixed.
Security researchers from Check Point Research have identified a new spy campaign dubbed “Twisted Panda”. The main target of this APT gang is two Russian defence institutes and a research facility in Belarus.
The Maintainers of the Talis project have issued a warning that the Tor browser bundled with the operating system is unsafe for accessing or entering sensitive information. This issue comes out after Mozilla issued fixes for two critical Zero-day flaws in its Firefox browser, a modified version of this acts as the base for the Tor browser.
Security researchers from Microsoft have identified a high severity vulnerability in a framework used in Android apps. Multiple large mobile service providers have been observed to have security flaws in their apps. All the involved parties have taken the necessary steps to fix it.