Skip to main content

Security News

Filter by:

High-Severity RCE Flaw Disclosed in Several Netgear Router Models

Networking equipment company Netgear has released patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. <!--adsense--> Traced as CVE-2021-40847 (CVSS score: 8...
The Hacker News 22 Sep 2021 12173 Views

Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation

Microsoft has opened the lid on a large-scale phishing-as-a-service (PHaaS) operation that's involved in selling phishing kits and email templates as well as providing hosting and automated services at a low cost, thus enabling cyber actors to...
The Hacker News 22 Sep 2021 12189 Views

More than 1 in 3 people have tried to guess someone else's password: 3 in 4 succeed

According to a new study, one in 10 people believe someone could guess their password by looking through their social media.
ZDnet 22 Sep 2021 310 Views

Bitdefender releases universal decryptor for REvil/Sodinokibi victims hit before July 13

Bitdefender's Bogdan Botezatu said they have tested the tool against recent attacks and found that it cannot yet decrypt attacks after the July 13 date.
ZDnet 17 Sep 2021 361 Views

CISA, FBI: State-Backed APTs May Be Exploiting Critical Zoho Bug

The newly identified bug in a Zoho single sign-on and password management tool has been under active attack since early August.
Threatpost 17 Sep 2021 167 Views

Google Is Backing Security Reviews Of These Key Open Source Projects

Packet Storm 17 Sep 2021 22806 Views

Customer Care Giant TTEC Hit By Ransomware

TTEC, [NASDAQ: TTEC], a company used by some of the world's largest brands to help manage customer support and sales online and over the phone, is dealing with disruptions from a network security incident that appears to be the result of a ransomware attack...
Krebs on Security 16 Sep 2021 181 Views

No Patch for High-Severity Bug in Legacy IBM System X Servers

Two of IBM's aging flagship server models, retired in 2020, won’t be patched for a command-injection flaw.
Threatpost 16 Sep 2021 125 Views

Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack

Russian internet giant Yandex has been the target of a record-breaking distributed denial-of-service (DDoS) attack by a new botnet called Mēris. The botnet is believed to have pummeled the company's web infrastructure with millions of HTTP requests, before...
The Hacker News 11 Sep 2021 14829 Views

Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances

Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been weaponized by a malicious actor "to access other customers' information" in what the researchers described as the "first cross-account container takeover in...
The Hacker News 11 Sep 2021 14237 Views