Skip to main content

Security News

Filter by:

Exploit released for RCE zero-day vulnerability in GoAnywhere MFT

Exploit code has been released for a zero-day remote code execution vulnerability affecting Internet-exposed GoAnywhere MFT administrator consoles. [...]
Bleepingcomputer 7 Feb 2023 949 Views

Researcher breaches Toyota supplier portal with info on 14,000 partners

Toyota's Global Supplier Preparation Information Management System (GSPIMS) was breached by a security researcher who responsibly reported the issue to the company. [...]
Bleepingcomputer 7 Feb 2023 65 Views

VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree

VMware on Monday said it found no evidence that threat actors are leveraging an unknown security flaw, i.e., a zero-day, in its software as part of an ongoing ransomware attack spree worldwide. "Most reports state that End of General Support...
The Hacker News 7 Feb 2023 66 Views

VMware warns admins to patch ESXi servers, disable OpenSLP service

VMware warned customers today to install the latest security updates and disable the OpenSLP service targeted in a large-scale campaign of ransomware attacks against Internet-exposed and vulnerable ESXi servers. [...]
Bleepingcomputer 7 Feb 2023 102 Views

Bermuda hit by major internet and power outage

Bermuda experienced a widespread power outage on Friday which impacted the island's internet and phone services. Calling it a "serious incident" at BELCO, the Bermudian power supplier, the government has advised customers to "unplug all sensitive electrical equipment" as crews work...
Bleepingcomputer 4 Feb 2023 152 Views

New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team...
The Hacker News 4 Feb 2023 139 Views

Google Fi data breach let hackers carry out SIM swap attacks

Google Fi, Google's U.S.-only telecommunications and mobile internet service, has informed customers that personal data was exposed by a data breach at one of its primary network providers, with some customers warned that it allowed SIM swapping attacks. [....
Bleepingcomputer 2 Feb 2023 223 Views

LockBit ransomware goes 'Green,' uses new Conti-based encryptor

The LockBit ransomware gang has again started using encryptors based on other operations, this time switching to one based on the leaked source code for the Conti ransomware. [...]
Bleepingcomputer 2 Feb 2023 231 Views

Over 29,000 QNAP devices unpatched against new critical flaw

Tens of thousands of QNAP network-attached storage (NAS) devices exposed online are waiting to be patched against a critical security flaw addressed by the Taiwanese company on Monday. [...]
Bleepingcomputer 1 Feb 2023 284 Views

PoS malware can block contactless payments to steal credit cards

New versions of the Prilex point-of-sale malware can block secure, NFC-enabled contactless credit card transactions, forcing consumers to insert credit cards that are then stolen by the malware. [...]
Bleepingcomputer 1 Feb 2023 279 Views