Authentic notifications from financial institutions via email and text messaging can help inform users of account activity, such as balances and transactions. However, if a user has consented to receive such notifications, it may be challenging to determine if a notification is real.
A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source web application framework used for developing Java web applications. Successful exploitation of this vulnerability could allow for...
Multiple Vulnerabilities have been discovered in Sophos Firewall, the most severe of which could allow for remote code execution. Sophos Firewall is a network security solution. Successful exploitation of the most severe of these vulnerabilities could allow for unauthorized access...
Get ready for an adventure in the Capture the Smart Tag Competition (CSTC)! Teams of three to four students will work together to track down hidden electronic Smart Tags in an area on campus. Students will be provided a short training on Bluetooth Low Energy (BLE) tags and more...
The Federal Trade Commission (FTC) warned job seekers about the continued rise in online job scams. These scams, also known as “task scams,” request for repetitive tasks to be performed. These tasks are often completed in an app or a platform that tracks completed tasks...
Iranian threat actors have deployed a new malware, IOCONTROL, to target Internet of Things (IoT) devices and Operational Technology (OT)/SCADA systems in critical infrastructure across Israel and the United States. Analysts have categorized IOCONTROL as a nation-state...
Multiple vulnerabilities have been discovered in Apple products, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.
A vulnerability has been discovered in multiple Cleo products that could allow for remote code execution. Cleo’s LexiCom, VLTransfer, and Harmony is software that is used to manage file transfers. Successful exploitation of this vulnerability could allow for remote code execution...
The State and Local Cybersecurity Grant Program (SLCGP) is a federal grant program administered by the United States Department of Homeland Security (DHS) and funded by the Infrastructure Investment and Jobs Act (IIJA ). The overall goal of the SLCGP is to improve...
Analysts began monitoring a phishing scam known as “Payroll Pirates” that involves payroll redirection and primarily targets employees of various organizations, particularly those using Workday. The threat actors use malicious SEO poisoning and spoofed Human Resources (HR) pages.
