Security News

Filter by:

Ivanti warns of new Connect Secure zero-day exploited in attacks

Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day bug already under active exploitation. [...]
Bleepingcomputer 31 Jan 2024 337 Views

Microsoft Teams phishing pushes DarkGate malware via group chats

New phishing attacks abuse Microsoft Teams group chat requests to push malicious attachments that install DarkGate malware payloads on victims' systems.
Bleeping Computer 31 Jan 2024 501 Views

Online ransomware decryptor helps recover partially encrypted files

CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption.
Bleeping Computer 31 Jan 2024 371 Views

Blackwood hackers hijack WPS Office update to install malware

A previously unknown advanced threat actor tracked  as 'Blackwood' is using sophisticated malware called NSPX30 in cyberespionage attacks against companies and individuals.
Bleeping Computer 26 Jan 2024 400 Views

Hackers target WordPress database plugin active on 1 million sites

Malicious activity targeting a critical severity flaw in the ‘Better Search Replace’ WordPress plugin has been detected, with researchers observing thousands of attempts in the past 24 hours.
Bleeping Computer 26 Jan 2024 297 Views

iPhone apps abuse iOS push notifications to collect user data

Numerous iOS apps are using background processes triggered by push notifications to collect user data about devices, potentially allowing the creation of fingerprinting profiles used for tracking.
Bleeping Computer 26 Jan 2024 285 Views

Organizations need to switch gears in their approach to email security

Inbound email incidents primarily took the form of malicious URLs, attacks sent from a compromised account, and malware or ransomware attachments.
HelpNetSecurity 26 Jan 2024 420 Views

The dark side of 2023 Cybersecurity: Malware evolution and Cyber threats

In the ever-evolving cybersecurity landscape, 2023 witnessed a dramatic surge in the sophistication of cyber threats and malware. AT&T Cybersecurity Alien Labs reviewed the big events of 2023 and how malware morphed this year to try new ways to breach and wreak havoc.
Bleeping Computer 26 Jan 2024 204 Views

Over 5,300 GitLab servers exposed to zero-click account takeover attacks

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month. [...]
Bleepingcomputer 25 Jan 2024 242 Views

Ambient light sensors can reveal your device activity. How big a threat is it?

For now, there's no reason for concern, but that could change in coming years.
Ars Technica 24 Jan 2024 506 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY