βApache fixes critical OFBiz remote code execution vulnerability
Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers. [...]
https://www.bleepingcomputer.com/news/security/apache-fixes-critical-ofbiz-remote-code-execution-vulnerability/
Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers. [...]
https://www.bleepingcomputer.com/news/security/apache-fixes-critical-ofbiz-remote-code-execution-vulnerability/
BleepingComputer
Apache fixes critical OFBiz remote code execution vulnerability
Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.
π3
βSonicWall SSLVPN access control flaw is now exploited in attacks
SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-sslvpn-access-control-flaw-is-now-exploited-in-attacks/
SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible. [...]
https://www.bleepingcomputer.com/news/security/sonicwall-sslvpn-access-control-flaw-is-now-exploited-in-attacks/
BleepingComputer
SonicWall SSLVPN access control flaw is now exploited in attacks
SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible.
βSpyAgent Android malware steals your crypto recovery phrases from images
A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device. [...]
https://www.bleepingcomputer.com/news/security/spyagent-android-malware-steals-your-crypto-recovery-phrases-from-images/
A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device. [...]
https://www.bleepingcomputer.com/news/security/spyagent-android-malware-steals-your-crypto-recovery-phrases-from-images/
BleepingComputer
SpyAgent Android malware steals your crypto recovery phrases from images
A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device.
π±2π€‘2
βMicrosoft Office 2024 to disable ActiveX controls by default
βAfter Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2024-to-disable-activex-controls-by-default/
βAfter Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2024-to-disable-activex-controls-by-default/
BleepingComputer
Microsoft Office 2024 to disable ActiveX controls by default
βAfter Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps.
π5π1
βCar rental giant Avis discloses data breach impacting customers
American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information. [...]
https://www.bleepingcomputer.com/news/security/car-rental-giant-avis-discloses-data-breach-impacting-customers/
American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information. [...]
https://www.bleepingcomputer.com/news/security/car-rental-giant-avis-discloses-data-breach-impacting-customers/
BleepingComputer
Car rental giant Avis data breach impacts over 299,000 customers
American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information.
π1
βTransport for London staff faces systems disruptions after cyberattack
βTransport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack. [...]
https://www.bleepingcomputer.com/news/security/transport-for-london-staff-faces-systems-disruptions-after-cyberattack/
βTransport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack. [...]
https://www.bleepingcomputer.com/news/security/transport-for-london-staff-faces-systems-disruptions-after-cyberattack/
BleepingComputer
Transport for London staff faces systems disruptions after cyberattack
βTransport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack.
π2π±2
βNew RAMBO attack steals data using RAM in air-gapped computers
A novel side-channel attack dubbed "RAMBO" (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device's RAM to send data from air-gapped computers. [...]
https://www.bleepingcomputer.com/news/security/new-rambo-attack-steals-data-using-ram-in-air-gapped-computers/
A novel side-channel attack dubbed "RAMBO" (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device's RAM to send data from air-gapped computers. [...]
https://www.bleepingcomputer.com/news/security/new-rambo-attack-steals-data-using-ram-in-air-gapped-computers/
BleepingComputer
New RAMBO attack steals data using RAM in air-gapped computers
A novel side-channel attack dubbed "RAMBO" (Radiation of Air-gapped Memory Bus for Offense) generates electromagnetic radiation from a device's RAM to send data from air-gapped computers.
π2π₯2β€1
βSextortion scam now use your "cheating" spouseβs name as a lure
A new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links to the alleged proof. [...]
https://www.bleepingcomputer.com/news/security/sextortion-scam-now-use-your-cheating-spouses-name-as-a-lure/
A new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links to the alleged proof. [...]
https://www.bleepingcomputer.com/news/security/sextortion-scam-now-use-your-cheating-spouses-name-as-a-lure/
BleepingComputer
Sextortion scam now use your "cheating" spouseβs name as a lure
A new variant of the ongoing sextortion email scams is now targeting spouses, saying that their husband or wife is cheating on them, with links to the alleged proof.
βProgress LoadMaster vulnerable to 10/10 severity RCE flaw
Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. [...]
https://www.bleepingcomputer.com/news/security/progress-loadmaster-vulnerable-to-10-10-severity-rce-flaw/
Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. [...]
https://www.bleepingcomputer.com/news/security/progress-loadmaster-vulnerable-to-10-10-severity-rce-flaw/
BleepingComputer
Progress LoadMaster vulnerable to 10/10 severity RCE flaw
Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device.
β€2π2
βHow to defend against brute force and password spray attacks
While not very sophisticated, brute force password attacks pose a significant threat to an organization's security. Learn more from Specops Software about these types of attacks and how to defend against them. [...]
https://www.bleepingcomputer.com/news/security/how-to-defend-against-brute-force-and-password-spray-attacks/
While not very sophisticated, brute force password attacks pose a significant threat to an organization's security. Learn more from Specops Software about these types of attacks and how to defend against them. [...]
https://www.bleepingcomputer.com/news/security/how-to-defend-against-brute-force-and-password-spray-attacks/
BleepingComputer
How to defend against brute force and password spray attacks
While not very sophisticated, brute force password attacks pose a significant threat to an organization's security. Learn more from Specops Software about these types of attacks and how to defend against them.
β€1
βPayment gateway data breach affects 1.7 million credit card owners
Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals. [...]
https://www.bleepingcomputer.com/news/security/payment-gateway-data-breach-affects-17-million-credit-card-owners/
Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals. [...]
https://www.bleepingcomputer.com/news/security/payment-gateway-data-breach-affects-17-million-credit-card-owners/
BleepingComputer
Payment gateway data breach affects 1.7 million credit card owners
Payment gateway provider Slim CD has disclosed a data breach that compromised credit card and personal data belonging to almost 1.7 million individuals.
βMeta fixes easily bypassed WhatsApp βView Onceβ privacy feature
A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app's "View once" feature and view messages again. [...]
https://www.bleepingcomputer.com/news/security/meta-fixes-easily-bypassed-whatsapp-view-once-privacy-feature/
A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app's "View once" feature and view messages again. [...]
https://www.bleepingcomputer.com/news/security/meta-fixes-easily-bypassed-whatsapp-view-once-privacy-feature/
BleepingComputer
Meta fixes easily bypassed WhatsApp βView Onceβ privacy feature
A privacy flaw in WhatsApp, an instant messenger with over 2 billion users worldwide, is being exploited by attackers to bypass the app's "View once" feature and view messages again.
π³4π₯2
βHighline Public Schools closes schools following cyberattack
Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack. [...]
https://www.bleepingcomputer.com/news/security/highline-public-schools-closes-schools-following-cyberattack/
Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack. [...]
https://www.bleepingcomputer.com/news/security/highline-public-schools-closes-schools-following-cyberattack/
BleepingComputer
Highline Public Schools closes schools following cyberattack
Highline Public Schools, a K-12 district in Washington state, has shut down all schools and canceled school activities after its technology systems were compromised in a cyberattack.
βChinese hackers use new data theft malware in govt attacks
New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks. [...]
https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-data-theft-malware-in-govt-attacks/
New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks. [...]
https://www.bleepingcomputer.com/news/security/chinese-hackers-use-new-data-theft-malware-in-govt-attacks/
BleepingComputer
Chinese hackers use new data theft malware in govt attacks
New attacks attributed to China-based cyber espionage group Mustang Panda show that the threat actor switched to new strategies and malware called FDMTP and PTSOCKET to download payloads and steal information from breached networks.
π2
βQuad7 botnet targets more SOHO and VPN routers, media servers
The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers. [...]
https://www.bleepingcomputer.com/news/security/quad7-botnet-targets-more-soho-and-vpn-routers-media-servers/
The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers. [...]
https://www.bleepingcomputer.com/news/security/quad7-botnet-targets-more-soho-and-vpn-routers-media-servers/
BleepingComputer
Quad7 botnet targets more SOHO and VPN routers, media servers
The Quad7 botnet is expanding its targeting scope with the addition of new clusters and custom implants that now also target Zyxel VPN appliances and Ruckus wireless routers.
βCritical SonicWall SSLVPN bug exploited in ransomware attacks
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks. [...]
https://www.bleepingcomputer.com/news/security/critical-sonicwall-sslvpn-bug-exploited-in-ransomware-attacks/
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks. [...]
https://www.bleepingcomputer.com/news/security/critical-sonicwall-sslvpn-bug-exploited-in-ransomware-attacks/
BleepingComputer
Critical SonicWall SSLVPN bug exploited in ransomware attacks
Ransomware affiliates exploit a critical security vulnerability in SonicWall SonicOS firewall devices to breach victims' networks.
β€1π¨1
βNoName ransomware gang deploying RansomHub malware in recent attacks
The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomHub affiliate. [...]
https://www.bleepingcomputer.com/news/security/noname-ransomware-gang-deploying-ransomhub-malware-in-recent-attacks/
The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomHub affiliate. [...]
https://www.bleepingcomputer.com/news/security/noname-ransomware-gang-deploying-ransomhub-malware-in-recent-attacks/
BleepingComputer
NoName ransomware gang deploying RansomHub malware in recent attacks
The NoName ransomware gang has been trying to build a reputation for more than three years targeting small and medium-sized businesses worldwide with its encryptors and may now be working as a RansomHub affiliate.
βFlipper Zero releases Firmware 1.0 after three years of development
After three years of development, the Flipper Zero team has announced the release of the first major firmware version for the portable, customizable digital hacking device. [...]
https://www.bleepingcomputer.com/news/hardware/flipper-zero-releases-firmware-10-after-three-years-of-development/
After three years of development, the Flipper Zero team has announced the release of the first major firmware version for the portable, customizable digital hacking device. [...]
https://www.bleepingcomputer.com/news/hardware/flipper-zero-releases-firmware-10-after-three-years-of-development/
BleepingComputer
Flipper Zero releases Firmware 1.0 after three years of development
After three years of development, the Flipper Zero team has announced the release of the first major firmware version for the portable, customizable digital hacking device.
π1
βNavigating Endpoint Privilege Management: Insights for CISOs and Admins
Understanding endpoint privilege management is key to defending organizations from advanced attacks. Learn more from ThreatLocker on using endpoint privilege management to better secure your org's systems. [...]
https://www.bleepingcomputer.com/news/security/navigating-endpoint-privilege-management-insights-for-cisos-and-admins/
Understanding endpoint privilege management is key to defending organizations from advanced attacks. Learn more from ThreatLocker on using endpoint privilege management to better secure your org's systems. [...]
https://www.bleepingcomputer.com/news/security/navigating-endpoint-privilege-management-insights-for-cisos-and-admins/
BleepingComputer
Navigating Endpoint Privilege Management: Insights for CISOs and Admins
Understanding endpoint privilege management is key to defending organizations from advanced attacks. Learn more from ThreatLocker on using endpoint privilege management to better secure your org's systems.
β€1
βMicrosoft to start force-upgrading Windows 22H2 systems next month
Microsoft announced that Windows 11 installs reaching the end of support next month, on October 8, will be force-upgraded to Windows 11 23H2. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-start-force-upgrading-windows-22h2-systems-next-month/
Microsoft announced that Windows 11 installs reaching the end of support next month, on October 8, will be force-upgraded to Windows 11 23H2. [...]
https://www.bleepingcomputer.com/news/microsoft/microsoft-to-start-force-upgrading-windows-22h2-systems-next-month/
BleepingComputer
Microsoft to start force-upgrading Windows 22H2 systems next month
Microsoft announced that Windows 11 installs reaching the end of support next month, on October 8, will be force-upgraded to Windows 11 23H2.
π6
βWix.com to block Russian users starting September 12
Wix.com has announced it will stop providing services to Russian users on September 12, 2024, with all accounts from Russia, including free and premium, to be blocked and their websites taken down. [...]
https://www.bleepingcomputer.com/news/legal/wixcom-to-block-russian-users-starting-september-12/
Wix.com has announced it will stop providing services to Russian users on September 12, 2024, with all accounts from Russia, including free and premium, to be blocked and their websites taken down. [...]
https://www.bleepingcomputer.com/news/legal/wixcom-to-block-russian-users-starting-september-12/
BleepingComputer
Wix to block Russian users starting September 12
Wix.com has announced it will stop providing services to Russian users on September 12, 2024, with all accounts from Russia, including free and premium, to be blocked and their websites taken down.
β€8π2π©1π€‘1