Skip to main content

Security News

Filter by:

Ivanti fixes maximum severity RCE bug in Endpoint Management software

Ivanti has fixed a maximum severity vulnerability in its Endpoint Management software (EPM) that can let unauthenticated attackers gain remote code execution on the core server.
Bleeping Computer 11 Sep 2024 2107 Views

RansomHub ransomware abuses Kaspersky TDSSKiller to disable EDR software

The RansomHub ransomware gang has been using TDSSKiller, a legitimate tool from Kaspersky, to disable endpoint detection and response (EDR) services on target systems.
Bleeping Computer 11 Sep 2024 2081 Views

Cyberattackers Spoof Palo Alto VPNs to Spread WikiLoader Variant

The malware, first discovered two years ago, has returned in campaigns using SEO poisoning.
Dark Reading 4 Sep 2024 2204 Views

RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors

Threat actors linked to the RansomHub ransomware group encrypted and exfiltrated data from at least 210 victims since its inception in February 2024, the U.S. government said. The victims span various sectors, including water and wastewater, information technology, government services and facilities...
The Hacker News 2 Sep 2024 2376 Views

South Korean hackers exploited WPS Office zero-day to deploy malware

The South Korea-aligned cyberespionage group APT-C-60 has been leveraging a zero-day code execution vulnerability in the Windows version of WPS Office to install the SpyGlace backdoor on East Asian targets. [...]
Bleepingcomputer 29 Aug 2024 2647 Views

Major Backdoor In Millions Of RFID Cards Allows Instant Cloning

Packet Storm 27 Aug 2024 32734 Views

PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads

Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders.
The Register 26 Aug 2024 2812 Views

New NGate Android malware uses NFC chip to steal credit card data

A new Android malware named NGate can steal money from payment cards by relaying to an attacker's device the data read by the near-field communication (NFC) chip. [...]
Bleepingcomputer 23 Aug 2024 3105 Views

NFC Traffic Stealer Targets Android Users & Their Banking Info

The malware builds on a near-field communication tool in combination with phishing and social engineering to steal cash.
Dark Reading 23 Aug 2024 2668 Views

SolarWinds left critical hardcoded credentials in its Web Help Desk product

Why go to the effort of backdooring code when devs will basically do it for you accidentally anyway SolarWinds left hardcoded credentials in its Web Help Desk product that can be used by remote, unauthenticated attackers to log into vulnerable instances, access internal functionality, and modify sensitive...
The Register 23 Aug 2024 12522 Views