Security News

Filter by:

Cybercriminals Exploit CrowdStrike Outage Chaos

Cybercriminals are leveraging the ongoing mass global IT outage to launch phishing campaigns, according to reports. [...]
CrowdStrike 23 Jul 2024 370 Views

Threat Actor Uses Fake CrowdStrike Recovery Manual to Deliver Unidentified Stealer

On July 22, 2024, CrowdStrike Intelligence identified a Word document containing macros that download an unidentified stealer now tracked as Daolpu. The document impersonates a Microsoft recovery manual.1 Initial analysis suggests the activity is likely criminal. [...]
CrowdStrike 23 Jul 2024 379 Views

Fake CrowdStrike fixes target companies with malware, data wipers

Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools.
Bleeping Computer 22 Jul 2024 520 Views

Falcon Sensor Content Issue from July 19, 2024, Likely Used to Target CrowdStrike Customers

On July 19, 2024, an issue present in a single content update for the CrowdStrike Falcon® sensor impacting Windows operating systems was identified, and a fix was deployed.
CrowdStrike 22 Jul 2024 528 Views

Cisco SSM On-Prem bug lets hackers change any user's password

Cisco has fixed a maximum severity vulnerability that allows attackers to change any user's password on vulnerable Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers, including administrators. [...]
Bleepingcomputer 18 Jul 2024 424 Views

Kaspersky is shutting down its business in the United States

Russian cybersecurity company and antivirus software provider Kaspersky Lab will start shutting down operations in the United States on July 20. [...]
Bleepingcomputer 16 Jul 2024 1055 Views

SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks

The SEXi ransomware operation, known for targeting VMware ESXi servers, has rebranded under the name APT INC and has targeted numerous organizations in recent attacks. [...]
Bleepingcomputer 15 Jul 2024 1200 Views

Signal downplays encryption key flaw, fixes it after X drama

Signal is finally tightening its desktop client's security by changing how it stores plain text encryption keys for the data store after downplaying the issue since 2018. [...]
Bleepingcomputer 12 Jul 2024 1215 Views

Ticket Heist fraud gang uses 700 domains to sell fake Olympics tickets

A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris.
Bleeping Computer 11 Jul 2024 1462 Views

New Blast-RADIUS attack bypasses widely-used RADIUS authentication

Blast-RADIUS, an authentication bypass in the widely used RADIUS/UDP protocol, enables threat actors to breach networks and devices in man-in-the-middle MD5 collision attacks.
Bleeping Computer 10 Jul 2024 1481 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY