Featured

Were 3 Million Toothbrushes Really Used for a DDoS Attack?

botnet, DDoS, Featured, IoT Security /

Were 3 Million Toothbrushes Really Used for a DDoS Attack? 2024-02-08 at 13:46 By Eduard Kovacs Three million electric toothbrushes were reportedly used for disruptive DDoS attacks, but cybersecurity experts questioned the claims. The post Were 3 Million Toothbrushes Really Used for a DDoS Attack? appeared first on SecurityWeek. This article is an excerpt from […]

React to this headline:

Loading spinner

Were 3 Million Toothbrushes Really Used for a DDoS Attack? Read More »

Google Links Over 60 Zero-Days to Commercial Spyware Vendors

Featured, Google, Government, spyware, Tracking & Law Enforcement, Zero-Day /

Google Links Over 60 Zero-Days to Commercial Spyware Vendors 2024-02-06 at 13:16 By Eduard Kovacs More than 60 of the Adobe, Google, Android, Microsoft, Mozilla and Apple zero-days that have come to light since 2016 attributed to spyware vendors.  The post Google Links Over 60 Zero-Days to Commercial Spyware Vendors appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Google Links Over 60 Zero-Days to Commercial Spyware Vendors Read More »

AnyDesk Revokes Passwords, Certificates in Response to Hack

AnyDesk, Featured, supply chain, Supply Chain Security /

AnyDesk Revokes Passwords, Certificates in Response to Hack 2024-02-05 at 13:01 By Eduard Kovacs AnyDesk is revoking certificates and passwords in response to a recently discovered security breach impacting production systems. The post AnyDesk Revokes Passwords, Certificates in Response to Hack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

AnyDesk Revokes Passwords, Certificates in Response to Hack Read More »

General Timothy Haugh Takes Lead of NSA and Cyber Command

Cybercom, Cyberwarfare, Featured, Government, NSA /

General Timothy Haugh Takes Lead of NSA and Cyber Command 2024-02-05 at 01:49 By Mike Lennon General Timothy D. Haugh assumed command of NSA and USCYBERCOM on February 2, 2024, taking over the role from General Paul M. Nakasone. The post General Timothy Haugh Takes Lead of NSA and Cyber Command appeared first on SecurityWeek.

React to this headline:

Loading spinner

General Timothy Haugh Takes Lead of NSA and Cyber Command Read More »

Cloudflare Hacked by Suspected State-Sponsored Threat Actor 

Cloudflare, Featured, Nation-State /

Cloudflare Hacked by Suspected State-Sponsored Threat Actor  2024-02-02 at 13:46 By Ionut Arghire A nation-state threat actor accessed internal Cloudflare systems using credentials stolen during the Okta hack. The post Cloudflare Hacked by Suspected State-Sponsored Threat Actor  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Loading spinner

Cloudflare Hacked by Suspected State-Sponsored Threat Actor  Read More »

US Says it Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans

China, Cyberwarfare, Featured, Volt Typhoon /

US Says it Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans 2024-02-01 at 04:31 By Associated Press Chinese government hackers are busily targeting water treatment plants, the electrical grid, transportation systems and other critical infrastructure inside the United States, FBI Director Chris Wray told lawmakers. The post US Says

React to this headline:

Loading spinner

US Says it Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans Read More »

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit

CISA KEV, CVE-2023-46805, CVE-2024-21887, CVE-2024-21893, Featured, Ivanti, Malware & Threats, Vulnerabilities /

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit 2024-01-31 at 19:47 By Ryan Naraine Ivanti documents a brand-new zero-day and belatedly ships patches; Mandiant is reporting “broad exploitation activity.” The post After Delays, Ivanti Patches Zero-Days and Confirms New Exploit appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

After Delays, Ivanti Patches Zero-Days and Confirms New Exploit Read More »

Schneider Electric Division Responding to Ransomware Attack, Data Breach 

Featured, Ransomware, Schneider Electric /

Schneider Electric Division Responding to Ransomware Attack, Data Breach  2024-01-30 at 14:39 By Eduard Kovacs Schneider Electric’s Sustainability Business division disrupted as a result of a ransomware attack and data breach.  The post Schneider Electric Division Responding to Ransomware Attack, Data Breach  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Schneider Electric Division Responding to Ransomware Attack, Data Breach  Read More »

Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive

car hacking, Featured, IoT Security, Pwn2Own, Vulnerabilities /

Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive 2024-01-26 at 11:05 By Eduard Kovacs Participants have earned more than $1.3 million for hacking Teslas, EV chargers and infotainment systems at Pwn2Own Automotive. The post Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive Read More »

HPE Says Russian Government Hackers Had Access to Emails for 6 Months

APT29, Email, email security, Featured, HPE, Nation-State, Russia /

HPE Says Russian Government Hackers Had Access to Emails for 6 Months 2024-01-25 at 12:16 By Eduard Kovacs HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months. The post HPE Says Russian Government Hackers Had Access to Emails for 6 Months appeared first on

React to this headline:

Loading spinner

HPE Says Russian Government Hackers Had Access to Emails for 6 Months Read More »

Major US, UK Water Companies Hit by Ransomware

data breach, Featured, Ransomware, Water /

Major US, UK Water Companies Hit by Ransomware 2024-01-24 at 13:16 By Eduard Kovacs Two major water companies, Veolia in the US and Southern Water in the UK, have been targeted in ransomware attacks that resulted in data breaches. The post Major US, UK Water Companies Hit by Ransomware appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Major US, UK Water Companies Hit by Ransomware Read More »

Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire

cybercrime, Featured /

Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire 2024-01-24 at 00:31 By Kevin Townsend VexTrio is a traffic direction system (TDS) with more than 60 affiliates feeding an unknown number of malicious campaigns. The post Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire Read More »

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure

Atlassian, Confluence, exploited, Featured, Vulnerabilities, vulnerability /

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure 2024-01-22 at 18:16 By Eduard Kovacs The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed.  The post Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure Read More »

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs

APT29, Data Breaches, Featured, Microsoft, Nation-State, Nobelium, Russia /

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs 2024-01-20 at 01:17 By Ryan Naraine A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives. The post Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs Read More »

VMware vCenter Server Vulnerability Exploited in Wild 

exploited, Featured, VMWare, Vulnerabilities /

VMware vCenter Server Vulnerability Exploited in Wild  2024-01-19 at 13:16 By Eduard Kovacs VMware warns customers that CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, is being exploited in the wild.  The post VMware vCenter Server Vulnerability Exploited in Wild  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

VMware vCenter Server Vulnerability Exploited in Wild  Read More »

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns

Cyberwarfare, espionage, Featured, Russia, Star Blizzard /

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns 2024-01-18 at 16:16 By Eduard Kovacs Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information.  The post Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns Read More »

Google Warns of Chrome Browser Zero-Day Being Exploited

CVE-2024-0519, Featured, Google Chrome, V8 Engine, Vulnerabilities, Zero-Day /

Google Warns of Chrome Browser Zero-Day Being Exploited 2024-01-16 at 23:31 By Ryan Naraine The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine. The post Google Warns of Chrome Browser Zero-Day Being Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Google Warns of Chrome Browser Zero-Day Being Exploited Read More »

Hacker Conversations: HD Moore and the Line Between Black and White

Featured, Hacker Conversations, HD Moore, Metasploit /

Hacker Conversations: HD Moore and the Line Between Black and White 2024-01-16 at 14:47 By Kevin Townsend SecurityWeek talked to HD Moore, best known as the founder and original developer of Metasploit. The post Hacker Conversations: HD Moore and the Line Between Black and White appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Hacker Conversations: HD Moore and the Line Between Black and White Read More »

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

exploited, Featured, Ivanti, Malware & Threats, Zero-Day /

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins 2024-01-16 at 12:46 By Eduard Kovacs The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech. The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins Read More »

New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise

Application Security, Featured, PyTorch, supply chain, Supply Chain Security /

New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise 2024-01-12 at 14:31 By Ionut Arghire Researchers detail a CI/CD attack leading to PyTorch releases compromise via GitHub Actions self-hosted runners. The post New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise Read More »

Scroll to Top