Security News

Filter by:

Hackers turn to Google search ads to push info-stealing malware

Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google search results. [...]
Bleepingcomputer 18 Jan 2023 1520 Views

Over 4,000 Sophos Firewall devices vulnerable to RCE attacks

Over 4,000 Sophos Firewall devices exposed to Internet access are vulnerable to attacks targeting a critical remote code execution (RCE) vulnerability. [...]
Bleepingcomputer 18 Jan 2023 1589 Views

MSI accidentally breaks Secure Boot for hundreds of motherboards

Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating system image to run regardless of whether it has a wrong or missing signature. [...]
Bleepingcomputer 17 Jan 2023 1611 Views

Researchers to release PoC exploit for critical Zoho RCE bug, patch now

Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication in several VMware products. [...]
Bleepingcomputer 17 Jan 2023 1514 Views

Avast releases free BianLian ransomware decryptor

Security software company Avast has released a free decryptor for the BianLian ransomware strain to help victims of the malware recover locked files without paying the hackers. [...]
Bleepingcomputer 16 Jan 2023 1058 Views

CircleCI's hack caused by malware stealing engineer's 2FA-backed session

Hackers breached CircleCi in December after an engineer became infected with information-stealing malware that stole the employee's 2FA-backed SSO session, allowing access to the company's internal systems. [...]
Bleepingcomputer 15 Jan 2023 827 Views

Canada's largest alcohol retailer's site hacked to steal credit cards

The Liquor Control Board of Ontario (LCBO), a Canadian government enterprise and the country's largest beverage alcohol retailer, revealed that unknown attackers had breached its website to inject malicious code designed to steal customer and credit card information at check-out. [....
Bleepingcomputer 14 Jan 2023 947 Views

Critical Cisco SMB Router Flaw Allows Authentication Bypass, PoC Available

Unpatched Cisco bugs, tracked as CVE-2023-20025 and CVE-2023-20026, allow lateral movement, data theft, and malware infestations.
Dark Reading 13 Jan 2023 1117 Views

Fortinet: Govt networks targeted with now-patched SSL-VPN zero-day

Fortinet says unknown attackers exploited a FortiOS SSL-VPN zero-day vulnerability patched last month in attacks against government organizations and government-related targets. [...]
Bleepingcomputer 13 Jan 2023 1025 Views

Microsoft: Cuba ransomware hacking Exchange servers via OWASSRF flaw

Microsoft says Cuba ransomware threat actors are hacking their way into victims' networks via Microsoft Exchange servers unpatched against a critical server-side request forgery (SSRF) vulnerability also exploited in Play ransomware attacks. [...]
Bleepingcomputer 13 Jan 2023 1146 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY