Skip to main content

Security News

Filter by:

Proof-of-Concept released for critical Microsoft Word RCE bug

A proof-of-concept for CVE-2023-21716, a critical vulnerability in Microsoft Word that allows remote code execution, has been published over the weekend.
Bleepingcomputer 7 Mar 2023 396 Views

How to prevent Microsoft OneNote files from infecting Windows with malware

The seemingly innocuous Microsoft OneNote file has become a popular file format used by hackers to spread malware and breach corporate networks. Here's how to block malicious OneNote phishing attachments from infecting Windows. [...]
Bleepingcomputer 6 Mar 2023 403 Views

Microsoft is testing a modern Windows 11 volume mixer

Microsoft is testing a new and modern-looking Windows 11 volume mixer accessible via the taskbar Quick Settings panel that helps adjust the volume on a per-app basis and switch between audio devices. [...]
Bleepingcomputer 6 Mar 2023 406 Views

FTC to ban BetterHelp from sharing mental health data with advertisers

The Federal Trade Commission (FTC) has proposed to ban the online counseling service BetterHelp from sharing its customers' sensitive mental health data with advertising networks and marketers. [...]
Bleepingcomputer 5 Mar 2023 395 Views

BlackLotus bootkit bypasses UEFI Secure Boot on patched Windows 11

The developers of the BlackLotus UEFI bootkit have improved the malware with Secure Boot bypass capabilities that allow it to infected even fully patched Windows 11 systems.
Bleepingcomputer 3 Mar 2023 442 Views

Microsoft releases Windows security updates for Intel CPU flaws

Microsoft has released out-of-band security updates for 'Memory Mapped I/O Stale Data (MMIO)' information disclosure vulnerabilities in Intel CPUs. [...]
Bleepingcomputer 3 Mar 2023 328 Views

Cisco patches critical Web UI RCE flaw in multiple IP phones

Cisco has addressed a critical security vulnerability found in the Web UI of multiple IP Phone models that unauthenticated and remote attackers can exploit in remote code execution (RCE) attacks. [...]
Bleepingcomputer 2 Mar 2023 448 Views

GitHub’s secret scanning alerts now available for all public repos

GitHub has announced that its secret scanning alerts service is now generally available to all public repositories and can be enabled to detect leaked secrets across an entire publishing history. [...]
Bleepingcomputer 2 Mar 2023 451 Views

Microsoft Exchange Online outage blocks access to mailboxes worldwide

Microsoft is investigating an ongoing outage that is blocking Exchange Online customers worldwide from accessing their mailboxes via any connection method or sending/receiving emails. [...]
Bleepingcomputer 2 Mar 2023 473 Views

LastPass DevOps Engineer Targeted for Cloud Decryption Keys in Latest Breach Revelation

The adversaries obtained a decryption key to a LastPass database containing multifactor authentication and federation information as well as customer vault data, company says.
Dark Reading 1 Mar 2023 455 Views