New Windows print spooler zero day exploitable via remote print servers
Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature. [...]
https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/
Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature. [...]
https://www.bleepingcomputer.com/news/microsoft/new-windows-print-spooler-zero-day-exploitable-via-remote-print-servers/
BleepingComputer
New Windows print spooler zero day exploitable via remote print servers
Another zero day vulnerability in Windows Print Spooler can give a threat actor administrative privileges on a Windows machine through a remote server under the attacker's control and the 'Queue-Specific Files' feature.
Windows 11 features, expected release date, and latest news
Microsoft has released the next version of Windows called "Windows 11" and it is coming later this year. Windows 11 is the successor to Windows 10 and it's a big update with tons of new features, redesigned Start Menu, and more. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-features-expected-release-date-and-latest-news/
Microsoft has released the next version of Windows called "Windows 11" and it is coming later this year. Windows 11 is the successor to Windows 10 and it's a big update with tons of new features, redesigned Start Menu, and more. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-features-expected-release-date-and-latest-news/
BleepingComputer
Windows 11 features, expected release date, and latest news
Microsoft has released the next version of Windows called "Windows 11" and it is coming later this year. Windows 11 is the successor to Windows 10 and it's a big update with tons of new features, redesigned Start Menu, and more.
iPhones running latest iOS hacked to deploy NSO Group spyware
Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple's latest iOS release, hacked using zero-day zero-click iMessage exploits. [...]
https://www.bleepingcomputer.com/news/security/iphones-running-latest-ios-hacked-to-deploy-nso-group-spyware/
Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple's latest iOS release, hacked using zero-day zero-click iMessage exploits. [...]
https://www.bleepingcomputer.com/news/security/iphones-running-latest-ios-hacked-to-deploy-nso-group-spyware/
BleepingComputer
iPhones running latest iOS hacked to deploy NSO Group spyware
Human rights non-governmental organization Amnesty International and non-profit project Forbidden Stories revealed in a recent report that they found spyware made by Israeli surveillance firm NSO Group deployed on iPhones running Apple's latest iOS releaseβ¦
US and allies officially accuse China of Microsoft Exchange attacks
US and allies, including the European Union, the United Kingdom, and NATO, are officially blaming China for this year's widespread Microsoft Exchange hacking campaign. [...]
https://www.bleepingcomputer.com/news/security/us-and-allies-officially-accuse-china-of-microsoft-exchange-attacks/
US and allies, including the European Union, the United Kingdom, and NATO, are officially blaming China for this year's widespread Microsoft Exchange hacking campaign. [...]
https://www.bleepingcomputer.com/news/security/us-and-allies-officially-accuse-china-of-microsoft-exchange-attacks/
BleepingComputer
US and allies officially accuse China of Microsoft Exchange attacks
US and allies, including the European Union, the United Kingdom, and NATO, are officially blaming China for this year's widespread Microsoft Exchange hacking campaign.
Saudi Aramco data breach sees 1 TB stolen data for sale
Attackers have stolen 1 TB of proprietary data belonging to Saudi Aramco and are offering it for sale on the darknet. The Saudi Arabian Oil Company, better known as Saudi Aramco, is one of the largest public petroleum and natural gas companies in the world. The sales price, albeit negotiable, is set at $5 million. [...]
https://www.bleepingcomputer.com/news/security/saudi-aramco-data-breach-sees-1-tb-stolen-data-for-sale/
Attackers have stolen 1 TB of proprietary data belonging to Saudi Aramco and are offering it for sale on the darknet. The Saudi Arabian Oil Company, better known as Saudi Aramco, is one of the largest public petroleum and natural gas companies in the world. The sales price, albeit negotiable, is set at $5 million. [...]
https://www.bleepingcomputer.com/news/security/saudi-aramco-data-breach-sees-1-tb-stolen-data-for-sale/
BleepingComputer
Saudi Aramco data breach sees 1 TB stolen data for sale
Attackers have stolen 1 TB of proprietary data belonging to Saudi Aramco and are offering it for sale on the darknet. The Saudi Arabian Oil Company, better known as Saudi Aramco, is one of the largest public petroleum and natural gas companies in the world.β¦
US indicts members of Chinese-backed hacking group APT40
Today, the US Department of Justice (DOJ) indicted four members of the Chinese state-sponsored hacking group known as APT40 for hacking various companies, universities, and government entities in the US and worldwide between 2011 and 2018. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-members-of-chinese-backed-hacking-group-apt40/
Today, the US Department of Justice (DOJ) indicted four members of the Chinese state-sponsored hacking group known as APT40 for hacking various companies, universities, and government entities in the US and worldwide between 2011 and 2018. [...]
https://www.bleepingcomputer.com/news/security/us-indicts-members-of-chinese-backed-hacking-group-apt40/
BleepingComputer
US indicts members of Chinese-backed hacking group APT40
Today, the US Department of Justice (DOJ) indicted four members of the Chinese state-sponsored hacking group known as APT40 for hacking various companies, universities, and government entities in the US and worldwide between 2011 and 2018.
Microsoft takes down domains used to scam Office 365 users
Microsoft's Digital Crimes Unit (DCU) has seized 17 malicious domains used by scammers in a business email compromise (BEC) campaign targeting the company's customers. [...]
https://www.bleepingcomputer.com/news/security/microsoft-takes-down-domains-used-to-scam-office-365-users/
Microsoft's Digital Crimes Unit (DCU) has seized 17 malicious domains used by scammers in a business email compromise (BEC) campaign targeting the company's customers. [...]
https://www.bleepingcomputer.com/news/security/microsoft-takes-down-domains-used-to-scam-office-365-users/
BleepingComputer
Microsoft takes down domains used to scam Office 365 users
Microsoft's Digital Crimes Unit (DCU) has seized 17 malicious domains used by scammers in a business email compromise (BEC) campaign targeting the company's customers.
iPhone WiFi bug morphs into zero-click hacking, but there's a fix
Security researchers investigating a bug that crashed the Wifi service on iPhones found that it could be exploited for remote code execution without user interaction. [...]
https://www.bleepingcomputer.com/news/apple/iphone-wifi-bug-morphs-into-zero-click-hacking-but-theres-a-fix/
Security researchers investigating a bug that crashed the Wifi service on iPhones found that it could be exploited for remote code execution without user interaction. [...]
https://www.bleepingcomputer.com/news/apple/iphone-wifi-bug-morphs-into-zero-click-hacking-but-theres-a-fix/
BleepingComputer
iPhone WiFi bug morphs into zero-click hacking, but there's a fix
Security researchers investigating a bug that crashed the Wifi service on iPhones found that it could be exploited for remote code execution without user interaction.
New MosaicLoader malware targets software pirates via online ads
An ongoing worldwide campaign is pushing new malware dubbed MosaicLoader advertising camouflaged as cracked software via search engine results to infect wannabe software pirates' systems. [...]
https://www.bleepingcomputer.com/news/security/new-mosaicloader-malware-targets-software-pirates-via-online-ads/
An ongoing worldwide campaign is pushing new malware dubbed MosaicLoader advertising camouflaged as cracked software via search engine results to infect wannabe software pirates' systems. [...]
https://www.bleepingcomputer.com/news/security/new-mosaicloader-malware-targets-software-pirates-via-online-ads/
BleepingComputer
New MosaicLoader malware targets software pirates via online ads
An ongoing worldwide campaign is pushing new malware dubbed MosaicLoader camouflaged as cracked software via search engine advertising to infect wannabe software pirates' systems.
Fortinet fixes bug letting unauthenticated hackers run code as root
Fortinet has released updates for its FortiManager and FortiAnalyzer network management solutions to fix a serious vulnerability that could be exploited to execute arbitrary code with the highest privileges. [...]
https://www.bleepingcomputer.com/news/security/fortinet-fixes-bug-letting-unauthenticated-hackers-run-code-as-root/
Fortinet has released updates for its FortiManager and FortiAnalyzer network management solutions to fix a serious vulnerability that could be exploited to execute arbitrary code with the highest privileges. [...]
https://www.bleepingcomputer.com/news/security/fortinet-fixes-bug-letting-unauthenticated-hackers-run-code-as-root/
BleepingComputer
Fortinet fixes bug letting unauthenticated hackers run code as root
Fortinet has released updates for its FortiManager and FortiAnalyzer network management solutions to fix a serious vulnerability that could be exploited to execute arbitrary code with the highest privileges.
16-year-old bug in printer software gives hackers admin rights
A 16-year-old security vulnerability found in HP, Xerox, and Samsung printers drivers allows attackers to gain admin rights on systems using the vulnerable driver software. [...]
https://www.bleepingcomputer.com/news/security/16-year-old-bug-in-printer-software-gives-hackers-admin-rights/
A 16-year-old security vulnerability found in HP, Xerox, and Samsung printers drivers allows attackers to gain admin rights on systems using the vulnerable driver software. [...]
https://www.bleepingcomputer.com/news/security/16-year-old-bug-in-printer-software-gives-hackers-admin-rights/
BleepingComputer
16-year-old bug in printer software gives hackers admin rights
A 16-year-old security vulnerability found in HP, Xerox, and Samsung printers drivers allows attackers to gain admin rights on systems using the vulnerable driver software.
FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics
The Federal Bureau of Investigation (FBI) warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered. [...]
https://www.bleepingcomputer.com/news/security/fbi-threat-actors-may-be-targeting-the-2020-tokyo-summer-olympics/
The Federal Bureau of Investigation (FBI) warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered. [...]
https://www.bleepingcomputer.com/news/security/fbi-threat-actors-may-be-targeting-the-2020-tokyo-summer-olympics/
BleepingComputer
FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics
The Federal Bureau of Investigation (FBI) warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered.
New Linux kernel bug lets you get root on most modern distros
Unprivileged attackers can gain root privileges by exploiting a local privilege escalation (LPE) vulnerability in default configurations of the Linux Kernel's filesystem layer on vulnerable devices. [...]
https://www.bleepingcomputer.com/news/security/new-linux-kernel-bug-lets-you-get-root-on-most-modern-distros/
Unprivileged attackers can gain root privileges by exploiting a local privilege escalation (LPE) vulnerability in default configurations of the Linux Kernel's filesystem layer on vulnerable devices. [...]
https://www.bleepingcomputer.com/news/security/new-linux-kernel-bug-lets-you-get-root-on-most-modern-distros/
BleepingComputer
New Linux kernel bug lets you get root on most modern distros
Unprivileged attackers can gain root privileges by exploiting a local privilege escalation (LPE) vulnerability in default configurations of the Linux Kernel's filesystem layer on vulnerable devices.
New Windows 10 vulnerability allows anyone to get admin privileges
Windows 10 and Windows 11 are vulnerable to a local elevation of privilege vulnerability after discovering that users with low privileges can access sensitive Registry database files. [...]
https://www.bleepingcomputer.com/news/microsoft/new-windows-10-vulnerability-allows-anyone-to-get-admin-privileges/
Windows 10 and Windows 11 are vulnerable to a local elevation of privilege vulnerability after discovering that users with low privileges can access sensitive Registry database files. [...]
https://www.bleepingcomputer.com/news/microsoft/new-windows-10-vulnerability-allows-anyone-to-get-admin-privileges/
BleepingComputer
New Windows 10 vulnerability allows anyone to get admin privileges
Windows 10 and Windows 11 are vulnerable to a local elevation of privilege vulnerability after discovering that users with low privileges can access sensitive Registry database files.
DuckDuckGo's new email privacy service forwards tracker-free messages
DuckDuckGo is rolling out an email privacy feature that strips incoming messages of trackers that can help profile you for better profiling and ad targeting. [...]
https://www.bleepingcomputer.com/news/security/duckduckgos-new-email-privacy-service-forwards-tracker-free-messages/
DuckDuckGo is rolling out an email privacy feature that strips incoming messages of trackers that can help profile you for better profiling and ad targeting. [...]
https://www.bleepingcomputer.com/news/security/duckduckgos-new-email-privacy-service-forwards-tracker-free-messages/
BleepingComputer
DuckDuckGo's new email privacy service forwards tracker-free messages
DuckDuckGo is rolling out an email privacy feature that strips incoming messages of trackers that can help profile you for better profiling and ad targeting.
Microsoft Teams chat feature rolling out to Windows 11
With Windows 11, Microsoft is integrating the Microsoft Teams chatting feature into the Windows Taskbar. Microsoft Teams Chat feature is based on Microsoft Teams desktop client and Microsoft is basically extending Teams capability by bringing the dedicated button right to your taskbar. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-chat-feature-rolling-out-to-windows-11/
With Windows 11, Microsoft is integrating the Microsoft Teams chatting feature into the Windows Taskbar. Microsoft Teams Chat feature is based on Microsoft Teams desktop client and Microsoft is basically extending Teams capability by bringing the dedicated button right to your taskbar. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-teams-chat-feature-rolling-out-to-windows-11/
BleepingComputer
Microsoft Teams chat feature rolling out to Windows 11
With Windows 11, Microsoft is integrating the Microsoft Teams chatting feature into the Windows Taskbar. Microsoft Teams Chat feature is based on Microsoft Teams desktop client and Microsoft is basically extending Teams capability by bringing the dedicatedβ¦
Microsoft shares workarounds for new Windows 10 zero-day bug
Microsoft has shared workarounds for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-workarounds-for-new-windows-10-zero-day-bug/
Microsoft has shared workarounds for a Windows 10 zero-day vulnerability that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-workarounds-for-new-windows-10-zero-day-bug/
BleepingComputer
Microsoft shares workaround for Windows 10 SeriousSAM vulnerability
Microsoft has shared a workaround for a Windows 10 zero-day vulnerability dubbed SeriousSAM that can let attackers gain admin rights on vulnerable systems and execute arbitrary code with SYSTEM privileges.
XLoader malware steals logins from macOS and Windows systems
A highly popular malware for stealing information from Windows systems has been modified into a new strain called XLoader, which can also target macOS systems. [...]
https://www.bleepingcomputer.com/news/security/xloader-malware-steals-logins-from-macos-and-windows-systems/
A highly popular malware for stealing information from Windows systems has been modified into a new strain called XLoader, which can also target macOS systems. [...]
https://www.bleepingcomputer.com/news/security/xloader-malware-steals-logins-from-macos-and-windows-systems/
BleepingComputer
XLoader malware steals logins from macOS and Windows systems
A highly popular malware for stealing information from Windows systems has been modified into a new strain called XLoader, which can also target macOS systems.
Google Chrome now comes with up to 50x faster phishing detection
Google Chrome now comes with up to 50 times faster phishing detection starting with the latest released version 92, promoted to the stable channel on Tuesday. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-now-comes-with-up-to-50x-faster-phishing-detection/
Google Chrome now comes with up to 50 times faster phishing detection starting with the latest released version 92, promoted to the stable channel on Tuesday. [...]
https://www.bleepingcomputer.com/news/security/google-chrome-now-comes-with-up-to-50x-faster-phishing-detection/
BleepingComputer
Google Chrome now comes with up to 50x faster phishing detection
Google Chrome now comes with up to 50 times faster phishing detection starting with the latest released version 92, promoted to the stable channel on Tuesday.
NPM package steals Chrome passwords on Windows via recovery tool
New npm malware has been caught stealing credentials from the Google Chrome web browser by using legitimate password recovery tools on Windows systems. Additionally, this malware listens for incoming connections from the attacker's C2 server and provides advanced capabilities, including screen and camera access. [...]
https://www.bleepingcomputer.com/news/security/npm-package-steals-chrome-passwords-on-windows-via-recovery-tool/
New npm malware has been caught stealing credentials from the Google Chrome web browser by using legitimate password recovery tools on Windows systems. Additionally, this malware listens for incoming connections from the attacker's C2 server and provides advanced capabilities, including screen and camera access. [...]
https://www.bleepingcomputer.com/news/security/npm-package-steals-chrome-passwords-on-windows-via-recovery-tool/
BleepingComputer
NPM package steals Chrome passwords on Windows via recovery tool
New npm malware has been caught stealing credentials from the Google Chrome web browser by using legitimate password recovery tools on Windows systems. Additionally, this malware listens for incoming connections from the attacker's C2 server and providesβ¦
Chinese state hackers breached over a dozen US pipeline operators
Chinese state-sponsored attackers have breached 13 US oil and natural gas (ONG) pipeline companies between December 2011 to 2013 following a spear-phishing campaign targeting their employees. [...]
https://www.bleepingcomputer.com/news/security/chinese-state-hackers-breached-over-a-dozen-us-pipeline-operators/
Chinese state-sponsored attackers have breached 13 US oil and natural gas (ONG) pipeline companies between December 2011 to 2013 following a spear-phishing campaign targeting their employees. [...]
https://www.bleepingcomputer.com/news/security/chinese-state-hackers-breached-over-a-dozen-us-pipeline-operators/
BleepingComputer
Chinese state hackers breached over a dozen US pipeline operators
Chinese state-sponsored attackers have breached 13 US oil and natural gas (ONG) pipeline companies between December 2011 to 2013 following a spear-phishing campaign targeting their employees.