Featured

HPE Says Russian Government Hackers Had Access to Emails for 6 Months

APT29, Email, email security, Featured, HPE, Nation-State, Russia /

HPE Says Russian Government Hackers Had Access to Emails for 6 Months 2024-01-25 at 12:16 By Eduard Kovacs HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months. The post HPE Says Russian Government Hackers Had Access to Emails for 6 Months appeared first on […]

React to this headline:

Loading spinner

HPE Says Russian Government Hackers Had Access to Emails for 6 Months Read More »

Major US, UK Water Companies Hit by Ransomware

data breach, Featured, Ransomware, Water /

Major US, UK Water Companies Hit by Ransomware 2024-01-24 at 13:16 By Eduard Kovacs Two major water companies, Veolia in the US and Southern Water in the UK, have been targeted in ransomware attacks that resulted in data breaches. The post Major US, UK Water Companies Hit by Ransomware appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Major US, UK Water Companies Hit by Ransomware Read More »

Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire

cybercrime, Featured /

Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire 2024-01-24 at 00:31 By Kevin Townsend VexTrio is a traffic direction system (TDS) with more than 60 affiliates feeding an unknown number of malicious campaigns. The post Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire Read More »

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure

Atlassian, Confluence, exploited, Featured, Vulnerabilities, vulnerability /

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure 2024-01-22 at 18:16 By Eduard Kovacs The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed.  The post Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure Read More »

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs

APT29, Data Breaches, Featured, Microsoft, Nation-State, Nobelium, Russia /

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs 2024-01-20 at 01:17 By Ryan Naraine A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives. The post Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs Read More »

VMware vCenter Server Vulnerability Exploited in Wild 

exploited, Featured, VMWare, Vulnerabilities /

VMware vCenter Server Vulnerability Exploited in Wild  2024-01-19 at 13:16 By Eduard Kovacs VMware warns customers that CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, is being exploited in the wild.  The post VMware vCenter Server Vulnerability Exploited in Wild  appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Loading spinner

VMware vCenter Server Vulnerability Exploited in Wild  Read More »

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns

Cyberwarfare, espionage, Featured, Russia, Star Blizzard /

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns 2024-01-18 at 16:16 By Eduard Kovacs Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information.  The post Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns Read More »

Google Warns of Chrome Browser Zero-Day Being Exploited

CVE-2024-0519, Featured, Google Chrome, V8 Engine, Vulnerabilities, Zero-Day /

Google Warns of Chrome Browser Zero-Day Being Exploited 2024-01-16 at 23:31 By Ryan Naraine The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine. The post Google Warns of Chrome Browser Zero-Day Being Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Google Warns of Chrome Browser Zero-Day Being Exploited Read More »

Hacker Conversations: HD Moore and the Line Between Black and White

Featured, Hacker Conversations, HD Moore, Metasploit /

Hacker Conversations: HD Moore and the Line Between Black and White 2024-01-16 at 14:47 By Kevin Townsend SecurityWeek talked to HD Moore, best known as the founder and original developer of Metasploit. The post Hacker Conversations: HD Moore and the Line Between Black and White appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Hacker Conversations: HD Moore and the Line Between Black and White Read More »

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

exploited, Featured, Ivanti, Malware & Threats, Zero-Day /

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins 2024-01-16 at 12:46 By Eduard Kovacs The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech. The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins Read More »

New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise

Application Security, Featured, PyTorch, supply chain, Supply Chain Security /

New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise 2024-01-12 at 14:31 By Ionut Arghire Researchers detail a CI/CD attack leading to PyTorch releases compromise via GitHub Actions self-hosted runners. The post New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise Read More »

Mandiant Details How Its X Account Was Hacked

Cryptocurrency, cybercrime, Featured, Mandiant /

Mandiant Details How Its X Account Was Hacked 2024-01-11 at 14:32 By Eduard Kovacs Mandiant’s X account was hacked as a result of a brute force attack as part of a cryptocurrency scheme that earned at least $900k. The post Mandiant Details How Its X Account Was Hacked appeared first on SecurityWeek. This article is

React to this headline:

Loading spinner

Mandiant Details How Its X Account Was Hacked Read More »

Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion

Artificial Intelligence, Featured, Funding/M&A, Network Security /

Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion 2024-01-10 at 05:18 By SecurityWeek News This acquisition is expected to double HPE’s networking business and expand its portfolio with AI-native networking offerings. The post Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion Read More »

Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines

Featured, ICS, ICS/OT, IoT, IoT Security, vulnerability /

Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines 2024-01-09 at 16:01 By Eduard Kovacs Hackers can take complete control of Bosch Rexroth nutrunners, installing ransomware or altering settings to cause financial impact and brand damage. The post Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines appeared first on SecurityWeek.

React to this headline:

Loading spinner

Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines Read More »

Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved

cyber insurance, Cyberwarfare, Featured, Merck, NotPetya /

Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved 2024-01-05 at 18:32 By Kevin Townsend In a landmark case that blurs the lines between cyber and kinetic warfare, Merck reached a settlement with insurers over a $1.4 billion claim stemming from the NotPetya malware attack. The post Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition

React to this headline:

Loading spinner

Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved Read More »

RIPE Account Hacking Leads to Major Internet Outage at Orange Spain 

BGP, Featured, Mobile & Wireless, Orange /

RIPE Account Hacking Leads to Major Internet Outage at Orange Spain  2024-01-04 at 13:46 By Eduard Kovacs Orange Spain’s internet went down for several hours after its RIPE account was hacked, likely after malware stole the credentials. The post RIPE Account Hacking Leads to Major Internet Outage at Orange Spain  appeared first on SecurityWeek. This

React to this headline:

Loading spinner

RIPE Account Hacking Leads to Major Internet Outage at Orange Spain  Read More »

Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack

data breach, Data Breaches, Featured, Ransomware /

Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack 2024-01-03 at 13:18 By Ionut Arghire Xerox says personal information was stolen in a cyberattack at US subsidiary Xerox Business Solutions. The post Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack Read More »

States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities

Featured, ICS, ICS/OT, Water /

States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities 2024-01-03 at 00:16 By Associated Press The hacking of a municipal water plant is prompting new warnings from U.S. security officials at a time when governments are wrestling with how to harden water utilities against cyberattacks. The post States and Congress Wrestle

React to this headline:

Loading spinner

States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities Read More »

Critical Apache OFBiz Vulnerability in Attacker Crosshairs

Apache, exploited, Featured, Vulnerabilities /

Critical Apache OFBiz Vulnerability in Attacker Crosshairs 2023-12-29 at 13:17 By Eduard Kovacs Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070. The post Critical Apache OFBiz Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to this

React to this headline:

Loading spinner

Critical Apache OFBiz Vulnerability in Attacker Crosshairs Read More »

Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones

exploit, Featured, iOS, Mobile & Wireless, Operation Triangulation /

Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones 2023-12-28 at 14:01 By Ionut Arghire iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices. The post Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones Read More »

Scroll to Top