Grafana fixes zero-day vulnerability after exploits spread over Twitter
Open-source analytics and interactive visualization solution Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that enabled remote access to local files. [...]
https://www.bleepingcomputer.com/news/security/grafana-fixes-zero-day-vulnerability-after-exploits-spread-over-twitter/
Open-source analytics and interactive visualization solution Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that enabled remote access to local files. [...]
https://www.bleepingcomputer.com/news/security/grafana-fixes-zero-day-vulnerability-after-exploits-spread-over-twitter/
BleepingComputer
Grafana fixes zero-day vulnerability after exploits spread over Twitter
Open-source analytics and interactive visualization solution Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that enabled remote access to local files.
Emotet now drops Cobalt Strike, fast forwards ransomware attacks
In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. [...]
https://www.bleepingcomputer.com/news/security/emotet-now-drops-cobalt-strike-fast-forwards-ransomware-attacks/
In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent. [...]
https://www.bleepingcomputer.com/news/security/emotet-now-drops-cobalt-strike-fast-forwards-ransomware-attacks/
BleepingComputer
Emotet now drops Cobalt Strike, fast forwards ransomware attacks
In a concerning development, the notorious Emotet malware now installs Cobalt Strike beacons directly, giving immediate network access to threat actors and making ransomware attacks imminent.
Moobot botnet spreading via Hikvision camera vulnerability
A Mirai-based botnet called 'Moobot' is spreading aggressively via exploiting a critical command injection flaw in the webserver of many Hikvision products. [...]
https://www.bleepingcomputer.com/news/security/moobot-botnet-spreading-via-hikvision-camera-vulnerability/
A Mirai-based botnet called 'Moobot' is spreading aggressively via exploiting a critical command injection flaw in the webserver of many Hikvision products. [...]
https://www.bleepingcomputer.com/news/security/moobot-botnet-spreading-via-hikvision-camera-vulnerability/
BleepingComputer
Moobot botnet spreading via Hikvision camera vulnerability
A Mirai-based botnet called 'Moobot' is spreading aggressively via exploiting a critical command injection flaw in the webserver of many Hikvision products.
Telegram adds content protection support for groups and channels
Telegram has added content protection support to enable users to block others from saving or forwarding posts shared in groups and channels. [...]
https://www.bleepingcomputer.com/news/software/telegram-adds-content-protection-support-for-groups-and-channels/
Telegram has added content protection support to enable users to block others from saving or forwarding posts shared in groups and channels. [...]
https://www.bleepingcomputer.com/news/software/telegram-adds-content-protection-support-for-groups-and-channels/
BleepingComputer
Telegram adds content protection support for groups and channels
Telegram has added content protection support to enable users to block others from saving or forwarding posts shared in groups and channels.
SonicWall βstrongly urgesβ customers to patch critical SMA 100 bugs
SonicWall 'strongly urges' organizations using SMA 100 series appliances to immediately patch them against multiple security flaws rated with CVSS scores ranging from medium to critical. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-strongly-urges-customers-to-patch-critical-sma-100-bugs/
SonicWall 'strongly urges' organizations using SMA 100 series appliances to immediately patch them against multiple security flaws rated with CVSS scores ranging from medium to critical. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-strongly-urges-customers-to-patch-critical-sma-100-bugs/
BleepingComputer
SonicWall βstrongly urgesβ customers to patch critical SMA 100 bugs
SonicWall 'strongly urges' organizations using SMA 100 series appliances to immediately patch them against multiple security flaws rated with CVSS scores ranging from medium to critical.
Torβs main site blocked in Russia as censorship widens
The Tor Project's main website, torproject.org, is actively blocked by Russia's largest internet service providers, and sources from the country claim that the government is getting ready to conduct an extensive block of the project. [...]
https://www.bleepingcomputer.com/news/security/tor-s-main-site-blocked-in-russia-as-censorship-widens/
The Tor Project's main website, torproject.org, is actively blocked by Russia's largest internet service providers, and sources from the country claim that the government is getting ready to conduct an extensive block of the project. [...]
https://www.bleepingcomputer.com/news/security/tor-s-main-site-blocked-in-russia-as-censorship-widens/
BleepingComputer
Torβs main site blocked in Russia as censorship widens
The Tor Project's main website, torproject.org, is actively blocked by Russia's largest internet service providers, and sources from the country claim that the government is getting ready to conduct an extensive block of the project.
XE Group exposed for eight years of hacking, credit card theft
A relatively unknown group of Vietnamese hackers calling themselves 'XE Group' has been linked to eight years of for-profit hacking and credit card skimming. [...]
https://www.bleepingcomputer.com/news/security/xe-group-exposed-for-eight-years-of-hacking-credit-card-theft/
A relatively unknown group of Vietnamese hackers calling themselves 'XE Group' has been linked to eight years of for-profit hacking and credit card skimming. [...]
https://www.bleepingcomputer.com/news/security/xe-group-exposed-for-eight-years-of-hacking-credit-card-theft/
BleepingComputer
XE Group exposed for eight years of hacking, credit card theft
A relatively unknown group of Vietnamese hackers calling themselves 'XE Group' has been linked to eight years of for-profit hacking and credit card skimming.
Hackers infect random WordPress plugins to steal credit cards
Credit card swipers are being injected into random plugins of e-commerce WordPress sites, hiding from detection while stealing customer payment details. [...]
https://www.bleepingcomputer.com/news/security/hackers-infect-random-wordpress-plugins-to-steal-credit-cards/
Credit card swipers are being injected into random plugins of e-commerce WordPress sites, hiding from detection while stealing customer payment details. [...]
https://www.bleepingcomputer.com/news/security/hackers-infect-random-wordpress-plugins-to-steal-credit-cards/
BleepingComputer
Hackers infect random WordPress plugins to steal credit cards
Credit card swipers are being injected into random plugins of e-commerce WordPress sites, hiding from detection while stealing customer payment details.
Microsoft: Secured-core servers help prevent ransomware attacks
Microsoft says the first Secured-core certified Windows Server and Microsoft Azure Stack HCI devices are now available to protect customers' networks from security threats, including ransomware attacks. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-secured-core-servers-help-prevent-ransomware-attacks/
Microsoft says the first Secured-core certified Windows Server and Microsoft Azure Stack HCI devices are now available to protect customers' networks from security threats, including ransomware attacks. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-secured-core-servers-help-prevent-ransomware-attacks/
BleepingComputer
Microsoft: Secured-core servers help prevent ransomware attacks
Microsoft says the first Secured-core certified Windows Server and Microsoft Azure Stack HCI devices are now available to protect customers' networks from security threats, including ransomware attacks.
Windows 11 can now install WSL from the Microsoft Store
Microsoft has added the Windows Subsystem for Linux (WSL) as a separate app to the Microsoft Store with the release of Windows 11 Insider Preview Build 22518 to the Dev Channel. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-can-now-install-wsl-from-the-microsoft-store/
Microsoft has added the Windows Subsystem for Linux (WSL) as a separate app to the Microsoft Store with the release of Windows 11 Insider Preview Build 22518 to the Dev Channel. [...]
https://www.bleepingcomputer.com/news/microsoft/windows-11-can-now-install-wsl-from-the-microsoft-store/
BleepingComputer
Windows 11 can now install WSL from the Microsoft Store
Microsoft has added the Windows Subsystem for Linux (WSL) as a separate app to the Microsoft Store with the release of Windows 11 Insider Preview Build 22518 to the Dev Channel.
New Windows 11 Voice Access lets you control the OS with your voice
Windows 11 is getting a new "Voice Access" feature to control the operating system using your voice and a microphone. [...]
https://www.bleepingcomputer.com/news/microsoft/new-windows-11-voice-access-lets-you-control-the-os-with-your-voice/
Windows 11 is getting a new "Voice Access" feature to control the operating system using your voice and a microphone. [...]
https://www.bleepingcomputer.com/news/microsoft/new-windows-11-voice-access-lets-you-control-the-os-with-your-voice/
BleepingComputer
New Windows 11 Voice Access lets you control the OS with your voice
Windows 11 is getting a new "Voice Access" feature to control the operating system using your voice and a microphone.
Amazon is shutting down web ranking site Alexa.com
Amazon announced on Wednesday plans to shut down its global website ranking system and competitor analysis tool "Alexa.com", which has been available for 25 years. [...]
https://www.bleepingcomputer.com/news/technology/amazon-is-shutting-down-web-ranking-site-alexacom/
Amazon announced on Wednesday plans to shut down its global website ranking system and competitor analysis tool "Alexa.com", which has been available for 25 years. [...]
https://www.bleepingcomputer.com/news/technology/amazon-is-shutting-down-web-ranking-site-alexacom/
BleepingComputer
Amazon is shutting down web ranking site Alexa.com
Amazon announced on Wednesday plans to shut down its global website ranking system and competitor analysis tool "Alexa.com", which has been available for 25 years.
Windows 'InstallerFileTakeOver' zero-day bug gets free micropatch
An unofficial patch is available for a zero-day vulnerability that is actively exploited in the wild to gain administrator privileges. [...]
https://www.bleepingcomputer.com/news/security/windows-installerfiletakeover-zero-day-bug-gets-free-micropatch/
An unofficial patch is available for a zero-day vulnerability that is actively exploited in the wild to gain administrator privileges. [...]
https://www.bleepingcomputer.com/news/security/windows-installerfiletakeover-zero-day-bug-gets-free-micropatch/
BleepingComputer
Windows 'InstallerFileTakeOver' zero-day bug gets free micropatch
An unofficial patch is available for a zero-day vulnerability that is actively exploited in the wild to gain administrator privileges.
Hundreds of thousands of MikroTik devices still vulnerable to botnets
Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks. [...]
https://www.bleepingcomputer.com/news/security/hundreds-of-thousands-of-mikrotik-devices-still-vulnerable-to-botnets/
Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks. [...]
https://www.bleepingcomputer.com/news/security/hundreds-of-thousands-of-mikrotik-devices-still-vulnerable-to-botnets/
BleepingComputer
Hundreds of thousands of MikroTik devices still vulnerable to botnets
Approximately 300,000 MikroTik routers are vulnerable to critical vulnerabilities that malware botnets can exploit for cryptomining and DDoS attacks.
Fujitsu pins Japanese govt data breach on stolen ProjectWEB accounts
Fujitsu says the attackers behind the May data breach used a vulnerability in the company's ProjectWEB information-sharing tool to steal accounts from legitimate users and access proprietary data belonging to multiple Japanese government agencies. [...]
https://www.bleepingcomputer.com/news/security/fujitsu-pins-japanese-govt-data-breach-on-stolen-projectweb-accounts/
Fujitsu says the attackers behind the May data breach used a vulnerability in the company's ProjectWEB information-sharing tool to steal accounts from legitimate users and access proprietary data belonging to multiple Japanese government agencies. [...]
https://www.bleepingcomputer.com/news/security/fujitsu-pins-japanese-govt-data-breach-on-stolen-projectweb-accounts/
BleepingComputer
Fujitsu pins Japanese govt data breach on stolen ProjectWEB accounts
Fujitsu says the attackers behind the May data breach used a vulnerability in the company's ProjectWEB information-sharing tool to steal accounts from legitimate users and access proprietary data belonging to multiple Japanese government agencies.
SanDisk SecureAccess bug allows brute forcing vault passwords
Western Digital has fixed a security vulnerability that enabled attackers to brute force SanDisk SecureAccess passwords and access the users' protected files. [...]
https://www.bleepingcomputer.com/news/security/sandisk-secureaccess-bug-allows-brute-forcing-vault-passwords/
Western Digital has fixed a security vulnerability that enabled attackers to brute force SanDisk SecureAccess passwords and access the users' protected files. [...]
https://www.bleepingcomputer.com/news/security/sandisk-secureaccess-bug-allows-brute-forcing-vault-passwords/
BleepingComputer
SanDisk SecureAccess bug allows brute forcing vault passwords
Western Digital has fixed a security vulnerability that enabled attackers to brute force SanDisk SecureAccess passwords and access the users' protected files.
Cox discloses data breach after hacker impersonates support agent
Cox Communications has disclosed a data breach after a hacker impersonated a support agent to gain access to customers' personal information. [...]
https://www.bleepingcomputer.com/news/security/cox-discloses-data-breach-after-hacker-impersonates-support-agent/
Cox Communications has disclosed a data breach after a hacker impersonated a support agent to gain access to customers' personal information. [...]
https://www.bleepingcomputer.com/news/security/cox-discloses-data-breach-after-hacker-impersonates-support-agent/
BleepingComputer
Cox discloses data breach after hacker impersonates support agent
Cox Communications has disclosed a data breach after a hacker impersonated a support agent to gain access to customers' personal information.
Microsoft previews new endpoint security solution for SMBs
Microsoft Defender for Business, a new endpoint security solution specially built for small and medium-sized businesses (SMBs), is now rolling out in preview worldwide. [...]
https://www.bleepingcomputer.com/news/security/microsoft-previews-new-endpoint-security-solution-for-smbs/
Microsoft Defender for Business, a new endpoint security solution specially built for small and medium-sized businesses (SMBs), is now rolling out in preview worldwide. [...]
https://www.bleepingcomputer.com/news/security/microsoft-previews-new-endpoint-security-solution-for-smbs/
BleepingComputer
Microsoft previews new endpoint security solution for SMBs
Microsoft Defender for Business, a new endpoint security solution specially built for small and medium-sized businesses (SMBs), is now rolling out in preview worldwide.
Microsoft, Google OAuth flaws can be abused in phishing attacks
Researchers have discovered a set of previously unknown methods to launch URL redirection attacks against weak OAuth 2.0 implementations. [...]
https://www.bleepingcomputer.com/news/security/microsoft-google-oauth-flaws-can-be-abused-in-phishing-attacks/
Researchers have discovered a set of previously unknown methods to launch URL redirection attacks against weak OAuth 2.0 implementations. [...]
https://www.bleepingcomputer.com/news/security/microsoft-google-oauth-flaws-can-be-abused-in-phishing-attacks/
BleepingComputer
Microsoft, Google OAuth flaws can be abused in phishing attacks
Researchers have discovered a set of previously unknown methods to launch URL redirection attacks against weak OAuth 2.0 implementations.
Dark Mirai botnet targeting RCE on popular TP-Link router
The botnet known as Dark Mirai (aka MANGA) has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017. [...]
https://www.bleepingcomputer.com/news/security/dark-mirai-botnet-targeting-rce-on-popular-tp-link-router/
The botnet known as Dark Mirai (aka MANGA) has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017. [...]
https://www.bleepingcomputer.com/news/security/dark-mirai-botnet-targeting-rce-on-popular-tp-link-router/
BleepingComputer
Dark Mirai botnet targeting RCE on popular TP-Link router
The botnet known as Dark Mirai (aka MANGA) has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017.
Malicious Notepad++ installers push StrongPity malware
The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware. [...]
https://www.bleepingcomputer.com/news/security/malicious-notepad-plus-plus-installers-push-strongpity-malware/
The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware. [...]
https://www.bleepingcomputer.com/news/security/malicious-notepad-plus-plus-installers-push-strongpity-malware/
BleepingComputer
Malicious Notepad++ installers push StrongPity malware
The sophisticated hacking group known as StrongPity is circulating laced Notepad++ installers that infect targets with malware.