Security News

Filter by:

Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances

Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been weaponized by a malicious actor "to access other customers' information" in what the researchers described as the "first cross-account container takeover in...
The Hacker News 11 Sep 2021 14704 Views

McDonald’s Email Blast Includes Password to Monopoly Game Database

Usernames, passwords for database sent in prize redemption emails.
Threatpost 10 Sep 2021 742 Views

Attacker releases credentials for 87,000 FortiGate SSL VPN devices

Access data for FortiGate devices was obtained by exploiting a known, old vulnerability.
ZDnet 9 Sep 2021 1058 Views

Phishing attacks: One in three suspect emails reported by employees really are malicious

Up to a third of emails that were flagged as suspicious by employees were actually a threat, according to a new report.
ZDnet 9 Sep 2021 1182 Views

What Ragnar Locker Got Wrong About Ransomware Negotiators – Podcast

There are a lot of "tells" that the ransomware group doesn't understand how negotiators work, despite threatening to dox data if victims call for help.
Threatpost 9 Sep 2021 795 Views

Can WhatsApp moderators really read your encrypted texts? Yes ... if you forward them to the abuse dept

Where did people think spam and harassment reports were going? Facebook's WhatsApp states its messages are protected by the Signal encryption protocol. A report published today by investigative non-profit ProPublica contends that WhatsApp communication is less private than users understand or expect.…
The Register 8 Sep 2021 13412 Views

Miscreants fling booby-trapped Office files at victims, no patch yet, says Microsoft

ActiveX and MSHTML, the gift that keeps on giving ... to intruders In an advisory issued on Tuesday, Microsoft said some of its users were targeted by poisoned Office documents that exploit an unpatched flaw to hijack their Windows machines.…
The Register 8 Sep 2021 13503 Views

Netgear Smart Switches Open to Complete Takeover

The Demon's Cries, Draconian Fear and Seventh Inferno security bugs are high-severity entryways to corporate networks.
Threatpost 8 Sep 2021 885 Views

U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw

The U.S. Cyber Command on Friday warned of ongoing mass exploitation attempts in the wild targeting a now-patched critical security vulnerability affecting Atlassian Confluence deployments that could be abused by unauthenticated attackers to take control of a vulnerable system. "Mass exploitation of Atlassian Confluence...
The Hacker News 8 Sep 2021 5680 Views

Bluetooth BrakTooth bugs could affect billions of devices

Vulnerabilities collectively referred to as BrakTooth are affecting Bluetooth stacks implemented on system-on-a-chip (SoC) circuits from over a dozen vendors.
Bleeping Computer 6 Sep 2021 992 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY