Alerts
Stay updated with CyberLabs’ latest news alerts covering critical cybersecurity incidents, breaking threats, and important industry developments that matter to your digital safety.
POC released for critical Microsoft Word bug
14 Mar 2023
Security researcher Joshua Drake has found an exploit in Microsoft Word and published a proof-of-concept for the serious flaw, known as CVE-2023-21716. A remote attacker can take advantage of the flaw to execute any code they want on a computer running the vulnerable software.
Read More
Chinese hackers adopt a new customized backdoor
7 Mar 2023
As part of an ongoing social engineering campaign that started in January 2023, the China-aligned Mustang Panda actor has been seen exploiting a previously unknown custom backdoor named MQsTTang. MQsTTang was found by ESET researchers in a campaign that began in January 2023 and is still active today. Targeting Taiwan and Ukraine in particular, the effort aims to influence political and governmental institutions in Europe and Asia.
Read More
Fortinet fixes vulnerabilities in FortiNAC and FortiWeb
28 Feb 2023
FortiNAC and FortiWeb products were affected by two severe issues, which led Footinet to post 40 security warnings to advise users that patches were now available for a number of vulnerabilities. A ‘critical’ severity level has been assigned to two of the warnings, and a ‘high’ severity grade to fifteen of them.
Read More
GoDaddy Discloses Multi-Year Security Breach
20 Feb 2023
GoDaddy has discovered a significant, multi-year security flaw that gave hackers access to the company’s source code and allowed them to also install malware on the servers. Even while there is never a good time for a security breach, this one is particularly bad and may raise questions about the company’s ability to provide reliable web hosting and domain services.
Read More
Apple releases fix WebKit zero-day vulnerability
14 Feb 2023
Apple on 13thFebruary 2023, released a fix for zero-day vulnerability in iPads, Macs and iPhones.
Read More
Broken Authentication vulnerability in Jira Service Management
7 Feb 2023
Jira Service Management Server and Data Center had serious security flaws that have been fixed by Atlassian. An attacker might use these flaws to impersonate another user and access vulnerable instances without authorization.
Read More
Microsoft advises administrators to patch Exchange servers
31 Jan 2023
Microsoft advises users to maintain their Exchange servers’ security updates as well as take precautions to strengthen the environment, like turning on Windows Extended Protection and establishing certificate-based signing of PowerShell serialization payloads.
Read More
GoTo Suffers a Data Breach
26 Jan 2023
Owner of LastPass, GoTo confirms that backups belonging to customers were stolen by hackers. The organization, which was once known as LogMeIn, has disclosed that the hackers received not only encrypted backups of user data but also an encryption key for at least some of that data.
Read More
Thousands of Norton LifeLock customer accounts breached
19 Jan 2023
Thousands NortonLifeLock customer accounts have been compromised. The parent firm of Norton LifeLock, Gen Digital, informed clients of the hack is through a credential stuffing attempt. The business claimed that it discovered the accounts had been compromised as early as December 1, around two weeks before its systems discovered a “high volume” of unsuccessful login attempts to client accounts on December 12.
Read More
Toyota reports a data breach
10 Jan 2023
A widespread cyberattack on Toyota has revealed several customers’ private information. Toyota confirmed the situation in a statement made public, admitting that some of its customers’ private information may have been made available online. The extent of the penetration is still unknown, though.
Read More
Twitter database leaks with 235 Million records
5 Jan 2023
On a well-known hacker site, a data dump containing the email addresses of 235 million Twitter users was made public. Numerous specialists promptly examined it and determined that many of the entries in the sizable leaked library were legitimate.
Read More
Facebook will pay $725 million to resolve the Cambridge Analytica data leak lawsuit
29 Dec 2022
Facebook’s parent company, Meta, has agreed to pay £600 million to resolve a lawsuit involving a data breach connected to the political consulting firm Cambridge Analytica. In the ongoing battle, Facebook was accused of granting access to user data to third parties, including the British company.
Read More