Two emergency patches issued in two weeks Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed “CitrixBleed 2,” the embattled networking device vendor today issued an emergency patch for yet another super-serious flaw in the same products — but not before criminals found and exploited it as a zero-day.… READ MORE HERE…
Company at center of findings blamed SEO on outsourcer A website developed for the UK Home Office’s 2022 “flop” anti-encryption campaign has seemingly been hijacked to push a payday loan scheme.… READ MORE HERE…
Why are you even reading this story? Patch now! Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum, although there haven’t been any reports of active exploitation. Yet.… READ MORE HERE…
Gotta keep ’em separated so the marketers and snoops can’t come out and play Psylo, which bills itself as a new kind of private web browser, debuted last Tuesday in Apple’s App Store, one day ahead of a report warning about the widespread use of browser fingerprinting for ad tracking and targeting.… READ MORE HERE…
Plus ‘low-level’ hacktivist attempts The US Department of Homeland Security has warned American businesses to guard their networks against Iranian government-sponsored cyberattacks along with “low-level” digital intrusions by pro-Iran hacktivists.… READ MORE HERE…
PLUS: 5.4M healthcare records leak; AI makes Spam harder to spot; Many nasty Linux vulns; and more Infosec in brief A former US Army sergeant has admitted he attempted to sell classified data to China.… READ MORE HERE…
Don’t trust mystery digits popping up in your search bar Scammers are hijacking the search results of people needing 24/7 support from Apple, Bank of America, Facebook, HP, Microsoft, Netflix, and PayPal in an attempt to trick victims into handing over personal or financial info, according to Malwarebytes senior director of research Jérôme Segura.… READ MORE HERE…
If it looks like a duck and walks like a duck… Aflac is the latest insurance company to disclose a security breach following a string of others earlier this week, all of which appear to be part of Scattered Spider’s most recent data theft campaign.… READ MORE HERE…
It’s a marketing move to lure more affiliates, says infosec veteran The latest marketing ploy from the ransomware crooks behind the Qilin operation involves offering affiliates access to a crack team of lawyers to ramp up pressure in ransom negotiations.… READ MORE HERE…
Services coming back online after legacy systems compromised Oxford City Council says a cyberattack earlier this month resulted in 21 years of data being compromised.… READ MORE HERE…