Security News

Filter by:

Log4JShell Used to Swarm VMware Servers with Miners, Backdoors

Researchers have found three backdoors and four miners in attacks exploiting the Log4Shell vulnerability, some of which are still ongoing.
Threatpost 30 Mar 2022 487 Views

Mars Stealer malware pushed via OpenOffice ads on Google

A newly launched information-stealing malware variant called Mars Stealer is rising in popularity, and threat analysts are now spotting the first notable large-scale campaigns employing it. [...]
Bleepingcomputer 30 Mar 2022 823 Views

Honda bug lets a hacker unlock and start your car via replay attack

Researchers have disclosed a 'replay attack' vulnerability affecting select Honda and Acura car models, that allows a nearby hacker to unlock your car and even start its engine from a short distance.
BleepingComputer 29 Mar 2022 803 Views

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system.
The Hacker News 29 Mar 2022 810 Views

Hive ransomware ports its Linux VMware ESXi encryptor to Rust

The Hive ransomware operation has converted their VMware ESXi Linux encryptor to the Rust programming language and added new features to make it harder for security researchers to snoop on victim's ransom negotiations.
Bleepingcomputer 28 Mar 2022 865 Views

Okta: "We made a mistake" delaying the Lapsus$ hack disclosure

Okta has admitted that it made a mistake delaying the disclosure of hack from the Lapsus$ data extortion group that took place in January. Additionally, the company has provided a detailed timeline of the incident and its investigation activities.
Bleepingcomputer 28 Mar 2022 847 Views

Morgan Stanley client accounts breached in social engineering attacks

Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised following vishing attacks. [...]
Bleepingcomputer 25 Mar 2022 868 Views

Phishing kits constantly evolve to evade security software

Modern phishing kits sold on cybercrime forums as off-the-shelve packages feature multiple and sophisticated detection avoidance and traffic filtering systems to ensure that internet security solutions won't mark them as a threat. [...]
Bleepingcomputer 25 Mar 2022 893 Views

Hackers exploit new WPS Office flaw to breach betting firms

An unknown Chinese-speaking threat actor has been targeting betting companies in Taiwan, Hong Kong, and the Philippines, leveraging a vulnerability in WPS Office to plant a backdoor on the targeted systems.
Bleepingcomputer 24 Mar 2022 985 Views

Okta confirms support engineer's laptop was hacked in January

Okta, a major provider of access management systems, has completed its investigation into a breach incident claimed by the Lapsus$ data extortion group. [...]
Bleepingcomputer 23 Mar 2022 827 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY