Skip to main content

Security News

Filter by:

QNAP warns users to disable AFP until it fixes critical bugs

Taiwanese corporation QNAP has asked customers this week to disable the AFP file service protocol on their network-attached storage (NAS) appliances until it fixes multiple critical Netatalk vulnerabilities. [...]
Bleepingcomputer 28 Apr 2022 352 Views

Emotet malware now installs via PowerShell in Windows shortcut files

The Emotet botnet is now using Windows shortcut files (.LNK) containing PowerShell commands to infect victims computers, moving away from Microsoft Office macros that are now disabled by default.
Bleeping Computer 27 Apr 2022 7332 Views

Emotet malware infects users again after fixing broken installer

The Emotet malware phishing campaign is up and running again after the threat actors fixed a bug preventing people from becoming infected when they opened malicious email attachments. [...]
Bleepingcomputer 26 Apr 2022 370 Views

Researchers Report Critical RCE Vulnerability in Google's VirusTotal Platform

Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution (RCE). The flaw, now patched, made it possible to "execute commands remotely within VirusTotal platform and gain access to its various scans capabilities...
The Hacker News 26 Apr 2022 362 Views

Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability

Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker to circumvent authentication protections.
The Hacker News 25 Apr 2022 350 Views

Hackers Are Exploiting Zero Days More Than Ever

Packet Storm 25 Apr 2022 13150 Views

Docker servers hacked in ongoing cryptomining malware campaign

Docker APIs on Linux servers are being targeted by a large-scale Monero crypto-mining campaign from the operators of the Lemon_Duck botnet. [...]
Bleepingcomputer 22 Apr 2022 108 Views

QNAP asks users to mitigate critical Apache HTTP Server bugs

QNAP has asked customers to apply mitigation measures to block attempts to exploit Apache HTTP Server security vulnerabilities impacting their network-attached storage (NAS) devices. [...]
Bleepingcomputer 22 Apr 2022 89 Views

Google: 2021 was a Banner Year for Exploited 0-Day Bugs

Last year, Google Project Zero tracked a record 58 exploited-in-the-wild zero-day security holes. Google Project Zero reported 58 exploited zero-day vulnerabilities in 2021, a record in the short time the team of security researchers has been keeping...
Thehackernews 21 Apr 2022 102 Views

Hackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild

A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is being actively exploited in the wild, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned.
Thehackernews 21 Apr 2022 102 Views