Posted on 04 Dec 2023
Two significant vulnerabilities have been identified in the WebKit web browser engine, impacting a range of Apple devices and operating systems. These vulnerabilities are critical and require immediate attention. Apple has acknowledged these vulnerabilities and released updates for a range of devices. Users are urged to update their devices to the latest versions as soon ...
Posted on 01 Dec 2023
On Thursday, the Office of Foreign Assets Control (OFAC) under the U.S. Department of the Treasury announced sanctions against the North Korean-affiliated group Kimsuky, along with eight international agents accused of aiding in evading sanctions. These sanctions, imposed against the North Korean cyberespionage group, (which is also known as APT43) mark a significant step in ...
Posted on 30 Nov 2023
Overview: Phish Tale of the Week Often times phishing campaigns, created by malicious actors, target users by utilizing social engineering. For example, in this text message, the actors are appearing as Royal Mail, a courier service, and informing you that action needs to be taken regarding your package’s delivery. The message politely explains that “RoyalMail” ...
Posted on 29 Nov 2023
Functioning as a Telegram bot-based toolkit, Telekopye, an e-commerce threat vector, streamlines the execution of advanced phishing operations. It enables perpetrators, referred to as ‘Neanderthals’, to deploy a range of tactics including spear-phishing through crafted HTML pages, domain spoofing, and social engineering via SMS and email phishing campaigns. This toolkit marks a significant escalation in ...
Posted on 27 Nov 2023
Security vulnerabilities are a common occurrence in managing any business’s organizational security. The prompt patching and remediation of any new vulnerabilities are critical to reducing the outside attack surface. Netizen’s Security Operations Center (SOC) has compiled five vulnerabilities from November that should be immediately patched or addressed if present in your environment. Detailed writeups are ...
Posted on 21 Nov 2023
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has taken a significant step towards enhancing the cybersecurity posture of the nation’s critical infrastructure sectors. The agency has announced the launch of an innovative pilot program, aimed at extending cutting-edge cybersecurity shared services to critical infrastructure entities, especially those most in need of such support. This ...
Posted on 20 Nov 2023
Cryptocurrency wallets, particularly those created between 2011 and 2015, have recently been thrust into the spotlight due to a significant vulnerability known as “Randstorm.” This vulnerability has raised concerns across the cryptocurrency community, highlighting the risks associated with outdated software and insufficient security measures in digital asset management. What is the Randstorm Vulnerability? The Randstorm ...
Posted on 16 Nov 2023
In a critical update, Microsoft has addressed 63 vulnerabilities in its operating systems as part of its November 2023 Patch Tuesday. This includes the patching of five zero-day vulnerabilities, three of which are currently being exploited by attackers. These updates are vital for securing systems against potential breaches and attacks. Zero-Day Vulnerabilities in the November ...
Posted on 14 Nov 2023
In a landmark operation in early 2023, the FBI, along with German and Dutch authorities, dismantled Hive, a prolific ransomware group. This collective had extorted over $100 million since June 2021, targeting a wide range of sectors. The FBI’s operation infiltrated Hive’s network over seven months, obtaining decryption keys for over 300 recent victims and ...
Posted on 07 Nov 2023
The discovery of CVE-2023-22518 presents a significant concern for organizations using Confluence Data Center and Server. Atlassian has granted the vulnerability a 10/10 CVSS score based on an internal assessment, however the NVD has yet to provide a score. This is the second major vulnerability discovered in Atlassian Confluence over the past few weeks; CVE-2023-22515, ...
Telephone: 1-844-NETIZEN
Email: Team (at) Netizen.net
Office Locations:
Allentown, PA (Headquarters)
Arlington, VA (DC Region)
Charleston, SC (Southeast Region)
Government visitors can view our contracts page for ways to reach us through streamlined acquisition or direct award options.
We've made it easy and affordable for government agencies to access Netizen's trusted expertise and award-winning solutions.