Quantcast
Channel: ARN - Stories by Lucian Constantin RSS feed
Browsing all 187 articles
Browse latest View live

Publicly known support credentials expose GE Healthcare imaging devices to...

The vulnerability gives hackers a means to access sensitive data, move laterally in a network, or execute a ransomware attack.

View Article



New Intel CPU-level threat detection capabilities target ransomware

Security vendors can now leverage new telemetry and machine learning processing capabilities built into Intel's 11th Gen mobile processors.

View Article

Flaws in widely used dnsmasq software leave millions of Linux-based devices...

A set of seven vulnerabilities, called DNSpooq, allows attackers to redirect users or execute malicious code. Patch dnsmasq now.

View Article

SonicWall warns customers about zero-day vulnerabilities

Attack targets SonicWall's SMA Series access management gateways and is another in a string of incidents against security vendors.

View Article

Law enforcement takes over Emotet, one of the biggest botnets

Multi-national cooperation removes this key malware delivery service as a threat, at least temporarily.

View Article


TrickBot returns with campaign against legal and insurance firms

New iteration of TrickBot botnet, which had enabled Ryuk and other attacks, uses malicious links in emails rather than rogue email attachments.

View Article

Egregor ransomware takes a hit after arrests in Ukraine

A cyber criminal group associated with the Egregor ransomware was dismantled in Ukraine following a joint action by US, French and Ukrainian authorities.

View Article

Chinese cyberespionage group hacks US organisations with Exchange zero-day flaws

Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.

View Article


Gootkit malware creators expand distribution platform

Gootloader component infects computers by hijacking Google search results to send victims to legitimate but compromised websites.

View Article


New free software signing service aims to strengthen open source ecosystem

The Linux Foundation's sigstore code-signing software, developed with IBM and Red Hat, will help prevent attacks on the software supply chain

View Article

Intel, Microsoft join DARPA effort to accelerate fully homomorphic encryption

Aims to improve performance of FHE to make it practical for business and government to better protect confidential data in the cloud.

View Article

Explaining Ryuk ransomware, a targeted and devastatingly effective attack

Ryuk attacks are targeted to the most vulnerable, most likely to pay companies and are often paired with other malware such as TrickBot.

View Article

Cloudflare attempts to become corporate network backbone with centralised...

Magic WAN and Magic Firewall aim to simplify linking sites and data centres while allowing organisations to better enforce security policies.

View Article


PHP backdoor attempt shows need for better code authenticity verification

Attackers were able to place malicious code in the PHP central code repository, forcing changes to the PHP Group's infrastructure.

View Article

Top cyber crime gangs use targeted fake job offers to deploy stealthy backdoor

The Golden Chickens cyber criminal gang is believed to sell its more_eggs backdoor for campaigns executed using information from LinkedIn profiles.

View Article


FBI cleans web shells from hacked Microsoft Exchange servers in rare active...

The FBI has been deleting backdoors placed by cyber espionage group Hafnium on Microsoft Exchange servers, signalling a more active defence approach.

View Article

Spy groups hack into companies using zero-day flaw in Pulse Secure VPN

Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.

View Article


Siloscape malware escapes Windows containers to backdoor Kubernetes clusters

This newly discovered malware is the first to take advantage of an obscure Windows container escape technique to seek out and infect Kubernetes clusters.

View Article

Thousands of publicly accessible VMware vCenter Servers vulnerable to...

Three weeks after releasing patches for a critical vulnerability in VMware vCenter, thousands of servers remain vulnerable to attacks.

View Article

Active Directory Certificate Services a big security blindspot on enterprise...

Microsoft's Active Directory PKI component commonly have configuration mistakes that allow attackers to gain account and domain-level privileges.

View Article
Browsing all 187 articles
Browse latest View live




Latest Images