Skip to main content

Security News

Filter by:

Hackers used new Windows Defender zero-day to drop DarkMe malware

Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan (RAT).
Bleeping Computer 14 Feb 2024 386 Views

Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures

Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices.
The Hacker News 14 Feb 2024 6691 Views

Fake LastPass lookalike made it into Apple App Store

LastPass says a rogue application impersonating its popular password manager made it past Apple's gatekeepers and was listed in the iOS App Store for unsuspecting folks to download and install. [...]
The Register 9 Feb 2024 3415 Views

New Fortinet RCE flaw in SSL VPN likely exploited in attacks

Fortinet is warning that a new critical remote code execution vulnerability in FortiOS SSL VPN is potentially being exploited in attacks. [...]
Bleepingcomputer 9 Feb 2024 487 Views

Data of 7,400 students, scholars leaked in HKU breach

The Faculty of Education at the University of Hong Kong (HKU) on Wednesday said the personal data of around 7,400 students, academic visitors and research programme applicants may have been leaked in a cyberattack on January 30.
RTHK 8 Feb 2024 355 Views

Facebook ads push new Ov3r_Stealer password-stealing malware

A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency.
Bleeping Computer 8 Feb 2024 469 Views

3 million smart toothbrushes were just used in a DDoS attack. Really

What's next, malware-infected dental floss? But seriously: It's a reminder that even the smallest smart home devices can be a threat. Here's how to protect yourself.
ZDnet 7 Feb 2024 537 Views

Critical Bugs in Canon Small Office Printers Allow Code Execution, DDoS

A grouping of serious printer bugs, unveiled at last summer's Pwn2Own, were patchless for months, but are finally fixed now.
Dark Reading 7 Feb 2024 355 Views

Deepfake colleagues trick HK clerk into paying HK$200m

A clerk working for the Hong Kong branch of a multinational company gave HK$200 million of the firm's money to fraudsters after being tricked into joining a video conference where all the other participants were AI-generated deepfakes, police said on Sunday. [...
RTHK 7 Feb 2024 361 Views

Fortinet FortiSIEM Hit by Two 10/10 Severity Vulnerabilities

The FortiSIEM product from Fortinet has been found to have two new critical vulnerabilities, CVE-2024-23108 and CVE-2024-23109, which allow for remote code execution by unauthenticated attackers.
Cyware News 7 Feb 2024 388 Views