Data Breach News, News, Vendor News, Vulnerabilities
April 19, 2025

100,000 Americans Exposed As Hertz Warns Customers’ Names, Contact Details, Credit Card Information, Social Security Numbers Leaked in Vendor’s Data Breach

The Daily Hodl reports: A car rental giant says sensitive customer data has been exposed in a cybersecurity incident involving one of its vendors. In a notice posted on its website, Hertz says that its vendor, Cleo Communications US, witnessed a zero-day vulnerability exploit late last year that enabled thieves to siphon customer data. Notifications on various […]

Vulnerabilities, News
April 05, 2025

CISA warns of latest Ivanti firewall bug being exploited by suspected Chinese hackers

The Record reports: Another vulnerability impacting firewall products from Ivanti is being exploited by alleged China-based hackers. An Ivanti advisory released on Thursday confirmed that a “limited number of customers” have been attacked through a bug impacting its Connect Secure, Policy Secure & ZTA Gateways tools — which are used by large organizations and government clients to […]

Vulnerabilities, News
February 19, 2025

Palo Alto Networks warns of another firewall vulnerability under attack by hackers

TechCrunch reports: U.S. cybersecurity giant Palo Alto Networks has warned that hackers are exploiting another vulnerability in its firewall software to break into unpatched customer networks. Attackers are exploiting a recently disclosed vulnerability in PAN-OS, the operating system that runs Palo Alto Networks firewalls, the California-based company confirmed on Tuesday. Cybersecurity firm Assetnote first discovered the vulnerability, […]

Vulnerabilities
February 18, 2025

Stealthy Malware in WordPress Sites Enables Remote Code Execution by Hackers

GBHackers reports that researchers have uncovered malware targeting WordPress websites, leveraging hidden backdoors to enable remote code execution (RCE): One notable case involved attackers embedding malicious scripts within the Must-Use Plugins (mu-plugins) directory, a special WordPress folder that automatically loads plugins on every page load without requiring activation. By placing obfuscated PHP code in this directory, attackers […]

Data Breach News, Cyberattack, Vulnerabilities
February 16, 2025

China-linked APT Salt Typhoon has breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices.

Security Affairs reports: China-linked APT group Salt Typhoon is still targeting telecommunications providers worldwide, and according to a new report published by Recorded Future’s Insikt Group, the threat actors have breached more U.S. telecommunications providers by exploiting unpatched Cisco IOS XE network devices. Insikt Group researchers reported that the Chinese hackers have exploited two Cisco flaws, tracked […]

New Threats, Vulnerabilities
February 11, 2025

Abandoned AWS Cloud Storage: A Major Cyberattack Vector

Everything old is exploitable again? DarkReading reports: Abandoned cloud storage buckets present a major, but largely overlooked, threat to Internet security, new research has shown. The risks arise when bad actors discover and re-register these neglected digital repositories under their original name, and then use them to deliver malware or carry out other malicious actions […]

Consumer Alerts, Vulnerabilities
February 05, 2025

Android users must update their phones now over bugs that allow hackers to bypass passwords and hijack devices

Mobile phone owners are strongly advised to install the latest security update ASAP. The Irish Sun reports: ANDROID users have been told to update their phones immediately to fix two bugs that allowed hackers to hijack devices. One bug, which meant hackers could install malware or steal files from devices without even needing a password, […]

Vulnerabilities, News
February 02, 2025

FDA, CISA warn of backdoor in popular patient monitor used by US hospitals

The Record reports: Federal agencies are warning hospitals of a backdoor discovered in a popular line of patient monitors sold by Chinese company Contec. The Cybersecurity and Infrastructure Security Agency (CISA) and Food and Drug Administration (FDA) released warnings on Thursday about an embedded function they found in the firmware of the Contec CMS8000 — […]