Security News

Windows Mark of the Web bypass zero-day gets unofficial patch

A free unofficial patch has been released through the 0patch platform to address an actively exploited zero-day flaw in the Windows Mark of the Web (MotW) security mechanism. [...]
Bleepingcomputer 18 Oct 2022 1920 Views

New PHP information-stealing malware targets Facebook accounts

Threat analysts have spotted a new Ducktail campaign using a new infostealer variant and novel TTPs (tactics, techniques, and procedures), while the Facebook users it targets are no longer limited to holders of business accounts. [...]
Bleepingcomputer 16 Oct 2022 1668 Views

Over 45,000 VMware ESXi servers just reached end-of-life

Over 45,000 VMware ESXi servers inventoried by Lansweeper just reached end-of-life (EOL), with VMware no longer providing software and security updates unless companies purchase an extended support contract. [...]
Bleepingcomputer 16 Oct 2022 1796 Views

Almost 900 servers hacked using Zimbra zero-day flaw

Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a zero-day without a patch for nearly 1.5 months. [...]
Bleepingcomputer 15 Oct 2022 1532 Views

Feature-Rich 'Alchimist' Cyberattack Framework Targets Windows, Mac, Linux Environments

The comprehensive, multiplatform framework comes loaded with weapons, and it is likely another effort by a China-based threat group to develop an alternative to Cobalt Strike and Sliver.
Dark Reading 14 Oct 2022 1421 Views

Unofficial WhatsApp Android app caught stealing users’ accounts

A new version of an unofficial WhatsApp Android application named 'YoWhatsApp' has been found stealing access keys for users' accounts.
Bleeping Computer 13 Oct 2022 1896 Views

All Windows versions can now block admin brute-force attacks

Microsoft announced today that IT admins can now configure any Windows system still receiving security updates to automatically block brute force attacks targeting local administrator accounts via a group policy. [...]
Bleepingcomputer 12 Oct 2022 2000 Views

Android leaks some traffic even when 'Always-on VPN' is enabled

Mullvad VPN has discovered that Android leaks traffic every time the device connects to a WiFi network, even if the "Block connections without VPN" or "Always-on VPN" feature is enabled. [...]
Bleepingcomputer 12 Oct 2022 2066 Views

The 2020-2022 ATM/PoS malware landscape

Attacks using ATM or PoS malware are on the rise again in 2022 after the COVID-19 lockdowns.
TechRepublic 12 Oct 2022 1619 Views

Fortinet warns admins to patch critical auth bypass bug immediately

Fortinet has warned administrators to update FortiGate firewalls and FortiProxy web proxies to the latest versions, which address a critical severity vulnerability.
Bleeping Computer 10 Oct 2022 1764 Views