Security News

Filter by:

Ransomware associated with LockBit still spreading 2 days after server takedown

Two days after an international team of authorities struck a major blow at LockBit, one of the Internet’s most prolific ransomware syndicates, researchers have detected a new round of attacks that are installing malware associated with the group. [...]
Ars Technica 23 Feb 2024 3668 Views

ScreenConnect critical bug now under attack as exploit code emerges

Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software.
Bleeping Computer 22 Feb 2024 604 Views

VMware urges admins to remove deprecated, vulnerable auth plug-in

VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched.
Bleeping Computer 22 Feb 2024 615 Views

'KeyTrap' DNS Bug Threatens Widespread Internet Outages

Thanks to a 24-year-old security vulnerability tracked as CVE-2023-50387, attackers could stall DNS servers with just a single malicious packet, effectively taking out wide swaths of the Internet.
Dark Reading 21 Feb 2024 522 Views

ConnectWise urges ScreenConnect admins to patch critical RCE flaw

ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution (RCE) attacks. [...]
Bleepingcomputer 21 Feb 2024 524 Views

Joomla XSS Bugs Open Millions of Websites to RCE

Improper content filtering in a core function allows multiple paths to exploitation for CVE-2024-21726.
Dark Reading 21 Feb 2024 489 Views

Musk claims Neuralink patient doing OK with implant, can move mouse with brain

Medical ethicists alarmed by Musk being "sole source of information" on patient.
Ars Technica 21 Feb 2024 3393 Views

Signal rolls out usernames that let you hide your phone number

End-to-end encrypted messaging app Signal finally allows users to pick custom usernames to connect with others while protecting their phone number privacy. [...]
Bleepingcomputer 21 Feb 2024 475 Views

Over 28,500 Exchange servers vulnerable to actively exploited bug

Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting. [...]
Bleepingcomputer 20 Feb 2024 581 Views

Anatsa Android malware downloaded 150,000 times via Google Play

The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play. [...]
Bleepingcomputer 19 Feb 2024 558 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY