Security News

Filter by:

New Microsoft Exchange credential stealing malware could be worse than phishing

Kaspersky has discovered a malicious add-on for Microsoft's Internet Information Service (IIS) web server software that it said is designed to harvest credentials from Outlook Web Access (OWA), the webmail client for Exchange and Office 365...
TechRepublic 15 Dec 2021 1234 Views

Irish Health Service ransomware attack happened after one staffer opened malware-ridden email

PWC report shows long list of missed opportunities to shut out extortion crims Ireland's Health Service Executive (HSE) was almost paralysed by ransomware after a single user opened a malicious file attached to a phishing email, a consultancy's damning report has revealed....
The Register 11 Dec 2021 14484 Views

Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack

The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.”
Threatpost 11 Dec 2021 758 Views

Malicious npm Code Packages Built for Hijacking Discord Servers

The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases.
Threatpost 9 Dec 2021 773 Views

With 18,378 vulnerabilities reported in 2021, NIST records fifth straight year of record numbers

A record 18,378 vulnerabilities were reported in 2021 but the number of high severity vulnerabilities was lower than 2020.
ZDnet 9 Dec 2021 812 Views

Magnat malvertising campaigns spreads malicious Chrome extensions, backdoors and info stealers

Experts spotted a series of malvertising campaigns using fake installers of popular apps and games to deliver a backdoor and a malicious Chrome extension.
Security Affairs 7 Dec 2021 1149 Views

FBI: Cuba ransomware group hit 49 critical infrastructure organizations

The FBI claimed the group has made at least $43.9 million in ransom payments.
ZDnet 4 Dec 2021 807 Views

Warning: Yet Another Zoho ManageEngine Product Found Under Active Attacks

Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. <!--...
The Hacker News 4 Dec 2021 1317 Views

New malware hides as legit nginx process on e-commerce servers

eCommerce servers are being targeted with remote access malware that hides on Nginx servers in a way that makes it virtually invisible to security solutions.
Bleeping Computer 3 Dec 2021 1383 Views

Nine WiFi routers used by millions were vulnerable to 226 flaws

Security researchers analyzed nine popular WiFi routers and found a total of 226 potential vulnerabilities in them, even when running the latest firmware.
Bleeping Computer 3 Dec 2021 1504 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY