Publicly known support credentials expose GE Healthcare imaging devices to...
The vulnerability gives hackers a means to access sensitive data, move laterally in a network, or execute a ransomware attack.
View ArticleNew Intel CPU-level threat detection capabilities target ransomware
Security vendors can now leverage new telemetry and machine learning processing capabilities built into Intel's 11th Gen mobile processors.
View ArticleFlaws in widely used dnsmasq software leave millions of Linux-based devices...
A set of seven vulnerabilities, called DNSpooq, allows attackers to redirect users or execute malicious code. Patch dnsmasq now.
View ArticleSonicWall warns customers about zero-day vulnerabilities
Attack targets SonicWall's SMA Series access management gateways and is another in a string of incidents against security vendors.
View ArticleLaw enforcement takes over Emotet, one of the biggest botnets
Multi-national cooperation removes this key malware delivery service as a threat, at least temporarily.
View ArticleTrickBot returns with campaign against legal and insurance firms
New iteration of TrickBot botnet, which had enabled Ryuk and other attacks, uses malicious links in emails rather than rogue email attachments.
View ArticleEgregor ransomware takes a hit after arrests in Ukraine
A cyber criminal group associated with the Egregor ransomware was dismantled in Ukraine following a joint action by US, French and Ukrainian authorities.
View ArticleChinese cyberespionage group hacks US organisations with Exchange zero-day flaws
Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.
View ArticleGootkit malware creators expand distribution platform
Gootloader component infects computers by hijacking Google search results to send victims to legitimate but compromised websites.
View ArticleNew free software signing service aims to strengthen open source ecosystem
The Linux Foundation's sigstore code-signing software, developed with IBM and Red Hat, will help prevent attacks on the software supply chain
View ArticleIntel, Microsoft join DARPA effort to accelerate fully homomorphic encryption
Aims to improve performance of FHE to make it practical for business and government to better protect confidential data in the cloud.
View ArticleExplaining Ryuk ransomware, a targeted and devastatingly effective attack
Ryuk attacks are targeted to the most vulnerable, most likely to pay companies and are often paired with other malware such as TrickBot.
View ArticleCloudflare attempts to become corporate network backbone with centralised...
Magic WAN and Magic Firewall aim to simplify linking sites and data centres while allowing organisations to better enforce security policies.
View ArticlePHP backdoor attempt shows need for better code authenticity verification
Attackers were able to place malicious code in the PHP central code repository, forcing changes to the PHP Group's infrastructure.
View ArticleTop cyber crime gangs use targeted fake job offers to deploy stealthy backdoor
The Golden Chickens cyber criminal gang is believed to sell its more_eggs backdoor for campaigns executed using information from LinkedIn profiles.
View ArticleFBI cleans web shells from hacked Microsoft Exchange servers in rare active...
The FBI has been deleting backdoors placed by cyber espionage group Hafnium on Microsoft Exchange servers, signalling a more active defence approach.
View ArticleSpy groups hack into companies using zero-day flaw in Pulse Secure VPN
Known and unknown groups are using VPN vulnerabilities to circumvent authentication and establish backdoors.
View ArticleSiloscape malware escapes Windows containers to backdoor Kubernetes clusters
This newly discovered malware is the first to take advantage of an obscure Windows container escape technique to seek out and infect Kubernetes clusters.
View ArticleThousands of publicly accessible VMware vCenter Servers vulnerable to...
Three weeks after releasing patches for a critical vulnerability in VMware vCenter, thousands of servers remain vulnerable to attacks.
View ArticleActive Directory Certificate Services a big security blindspot on enterprise...
Microsoft's Active Directory PKI component commonly have configuration mistakes that allow attackers to gain account and domain-level privileges.
View Article
More Pages to Explore .....