Skip to main content

Security News

Filter by:

When Your Smart ID Card Reader Comes With Malware

Millions of U.S. government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder's appropriate security level. But many government employees...
Krebs on Security 18 May 2022 40 Views

Apple emergency update fixes zero-day used to hack Macs, Watches

Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watch devices.
Bleepingcomputer 17 May 2022 190 Views

Hackers are exploiting critical bug in Zyxel firewalls and VPNs

Hackers have started to exploit a recently patched critical vulnerability, tracked as CVE-2022-30525, that affects Zyxel firewall and VPN devices for businesses.
Bleepingcomputer 16 May 2022 219 Views

SonicWall ‘strongly urges’ admins to patch SSLVPN SMA1000 bugs

SonicWall "strongly urges" customers to patch several high-risk security flaws impacting its Secure Mobile Access (SMA) 1000 Series line of products that can let attackers bypass authorization and, potentially, compromise unpatched appliances.
Bleepingcomputer 16 May 2022 214 Views

Hackers Deploy IceApple Exploitation Framework on Hacked MS Exchange Servers

Researchers have detailed a previously undocumented .NET-based post-exploitation framework called IceApple that has been deployed on Microsoft Exchange server instances to facilitate reconnaissance and data exfiltration.
Bleepingcomputer 13 May 2022 257 Views

HP fixes bug letting attackers overwrite firmware in over 200 models

HP has released BIOS updates today to fix two high-severity vulnerabilities affecting a wide range of PC and notebook products, which allow code to run with Kernel privileges.
Bleepingcomputer 12 May 2022 263 Views

Critical F5 BIG-IP vulnerability targeted by destructive attacks

A recently disclosed F5 BIG-IP vulnerability has been used in destructive attacks, attempting to erase a device's file system and make the server unusable.
Bleepingcomputer 11 May 2022 265 Views

New REvil Samples Indicate Ransomware Gang is Back After Months of Inactivity

The notorious ransomware operation known as REvil (aka Sodin or Sodinokibi) has resumed after six months of inactivity, an analysis of new ransomware samples has revealed.
The hacker news 11 May 2022 259 Views

Kaspersky uncovers fileless malware inside Windows event logs

The cybersecurity company says this is the first time they have seen this type of malware hiding method. The post Kaspersky uncovers fileless malware inside Windows event logs appeared first on TechRepublic.
TechRepublic 10 May 2022 381 Views

Microsoft releases fixes for Azure flaw allowing RCE attacks

Microsoft has released security updates to address a security flaw affecting Azure Synapse and Azure Data Factory pipelines that could let attackers execute remote commands across Integration Runtime infrastructure. [...]
Bleepingcomputer 10 May 2022 357 Views