2 US Cybersecurity Experts Jailed for Aiding ALPHV (BlackCat) Ransomware

Two US cybersecurity experts jailed for aiding BlackCat ransomware group, extorting victims worldwide and exploiting insider access for profit...

CompuGroup Medical MEDICO 安全漏洞

CompuGroup Medical MEDICO is a hospital information system software from CompuGroup Medical, Inc. A security vulnerability exists in CompuGroup Medical MEDICO that stems from an insecure implementation of DNET's proprietary protocol, which could lead to eavesdropping and manipulation of protocol...

wildfly: Wildfly vulnerable to Cross-Site Scripting (XSS)

A vulnerability was found in Wildfly, where a user may perform Cross-site scripting in the Wildfly deployment system. This flaw allows an attacker or insider to execute a deployment with a malicious payload, which could trigger undesired behavior against the server...

PT-2022-19423

Name of the Vulnerable Software and Affected Versions Argo Workflows versions prior to the fixed version Description Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. In affected versions, an attacker can create a workflow that produc...

Lapsus$ Hackers Target T-Mobile

T-Mobile confirmed that the extortion group Lapsus$ gains access to their system “several weeks ago”. The telecom giant responded to a report by a journalist Brian Krebs, who accessed the internal chats from the private Telegram channel of the core Lapsus$ gang members. The company added that it...

Twitter Hacked in Bitcoin Scam

It started with one weird tweet. Then another. Quickly, some of the most prominent accounts on Twitter were all sending out the same message; I am giving back to the community. All Bitcoin sent to the address below will be sent back double! If you send $1,000, I will send back $2,000. Only doing...

Lock and Code S1Ep6: Recognizing facial recognition’s flaws with Chris Boyd

This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the Internet. In addition, we talk to Chris Boyd, lead malware intelligence analyst at Malwarebytes, about facial recognition technology—its early history, its proven failures at accuracy, an...

Rogue TrendMicro Employee Sold Customer Data to Tech Support Scammers

Do you always uncomfortable trusting companies with your data? If so, you're not alone. While companies do much to protect themselves from external threats, insiders always pose the highest risk to a company's data. Unfortunately, when we say companies can't eliminate insider threat completely,...

Humans Are the Weakest Link in Security

In our recent analysis of penetration testing engagements contained in our Penetration Risk Report, we discuss the impact that social engineering, specifically phishing, has on the ability to allow attackers insider access to compromise an organization...

Humans Are the Weakest Link in Security

In our recent analysis of penetration testing engagements contained in our Penetration Risk Report, we discuss the impact that social engineering, specifically phishing, has on the ability to allow attackers insider access to compromise an organization...