Security News

Filter by:

Hackers use Microsoft IIS web server logs to control malware

The Cranefly hacking group, aka UNC3524, uses a previously unseen technique of controlling malware on infected devices via Microsoft Internet Information Services (IIS) web server logs. [...]
Bleepingcomputer 1 Nov 2022 1284 Views

ConnectWise fixes RCE bug exposing thousands of servers to attacks

ConnectWise has released security updates to address a critical vulnerability in the ConnectWise Recover and R1Soft Server Backup Manager (SBM) secure backup solutions. [...]
Bleepingcomputer 31 Oct 2022 1449 Views

Twilio Reveals Another Breach from the Same Hackers Behind the August Hack

Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. [...]
Thehackernews 31 Oct 2022 1505 Views

Australian Clinical Labs says patient data stolen in ransomware attack

Australian Clinical Labs (ACL) has disclosed a February 2022 data breach that impacted its Medlab Pathology business, exposing the medical records and other sensitive information of 223,000 people. [...]
Bleepingcomputer 28 Oct 2022 1744 Views

Drinik Android malware now targets users of 18 Indian banks

A new version of the Drinik Android banking trojan targets 18 Indian banks, masquerading as the country's official tax management app to steal victims' personal information and banking credentials. [...]
Bleepingcomputer 28 Oct 2022 1492 Views

iOS Bug Lets Apps Record Siri Conversations

Without even asking for permissions, the newly discovered 'SiriSpy' flaw in Apple's iOS Bluetooth access could allow someone to access user interactions with Siri and keyboard-dictation audio.
Dark Reading 28 Oct 2022 1516 Views

Cybercriminals Used Two PoS Malware to Steal Details of Over 167,000 Credit Cards

Two point-of-sale (PoS) malware variants have been put to use by a threat actor to steal information related to more than 167,000 credit cards from payment terminals.
The Hacker News 26 Oct 2022 1444 Views

Massive cryptomining campaign abuses free-tier cloud dev resources

An automated and large-scale 'freejacking' campaign abuses free GitHub, Heroku, and Buddy services to mine cryptocurrency at the provider's expense.
Bleeping Computer 26 Oct 2022 1618 Views

Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog

Cybersecurity researchers have disclosed details about a pair of vulnerabilities in shoppingmode Microsoft Windows, one of which could be exploited to result in a denial-of-service (DoS).
The Hacker News 26 Oct 2022 1504 Views

Apple fixes new zero-day used in attacks against iPhones, iPads

In security updates released on Monday, Apple has fixed the ninth zero-day vulnerability used in attacks against iPhones since the start of the year.  [...]
Bleepingcomputer 25 Oct 2022 1728 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY