Major US, UK Water Companies Hit by Ransomware 2024-01-24 at 13:16 By Eduard Kovacs Two major water companies, Veolia in the US and Southern Water in the UK, have been targeted in ransomware attacks that resulted in data breaches. The post Major US, UK Water Companies Hit by Ransomware appeared first on SecurityWeek. This article […]
Major US, UK Water Companies Hit by Ransomware Read More »
Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire 2024-01-24 at 00:31 By Kevin Townsend VexTrio is a traffic direction system (TDS) with more than 60 affiliates feeding an unknown number of malicious campaigns. The post Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire appeared first on SecurityWeek. This article is an
Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire Read More »
Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure 2024-01-22 at 18:16 By Eduard Kovacs The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed. The post Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure Read More »
Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs 2024-01-20 at 01:17 By Ryan Naraine A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives. The post Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs appeared first on SecurityWeek. This article is
Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs Read More »
VMware vCenter Server Vulnerability Exploited in Wild 2024-01-19 at 13:16 By Eduard Kovacs VMware warns customers that CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, is being exploited in the wild. The post VMware vCenter Server Vulnerability Exploited in Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View
VMware vCenter Server Vulnerability Exploited in Wild Read More »
Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns 2024-01-18 at 16:16 By Eduard Kovacs Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information. The post Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns appeared first on SecurityWeek. This
Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns Read More »
Google Warns of Chrome Browser Zero-Day Being Exploited 2024-01-16 at 23:31 By Ryan Naraine The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine. The post Google Warns of Chrome Browser Zero-Day Being Exploited appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
Google Warns of Chrome Browser Zero-Day Being Exploited Read More »
Hacker Conversations: HD Moore and the Line Between Black and White 2024-01-16 at 14:47 By Kevin Townsend SecurityWeek talked to HD Moore, best known as the founder and original developer of Metasploit. The post Hacker Conversations: HD Moore and the Line Between Black and White appeared first on SecurityWeek. This article is an excerpt from
Hacker Conversations: HD Moore and the Line Between Black and White Read More »
Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins 2024-01-16 at 12:46 By Eduard Kovacs The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech. The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek. This article
Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins Read More »
New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise 2024-01-12 at 14:31 By Ionut Arghire Researchers detail a CI/CD attack leading to PyTorch releases compromise via GitHub Actions self-hosted runners. The post New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise appeared first on SecurityWeek. This article
New Class of CI/CD Attacks Could Have Led to PyTorch Supply Chain Compromise Read More »
Mandiant Details How Its X Account Was Hacked 2024-01-11 at 14:32 By Eduard Kovacs Mandiant’s X account was hacked as a result of a brute force attack as part of a cryptocurrency scheme that earned at least $900k. The post Mandiant Details How Its X Account Was Hacked appeared first on SecurityWeek. This article is
Mandiant Details How Its X Account Was Hacked Read More »
Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion 2024-01-10 at 05:18 By SecurityWeek News This acquisition is expected to double HPE’s networking business and expand its portfolio with AI-native networking offerings. The post Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion appeared first on SecurityWeek. This article is an excerpt from
Hewlett Packard Enterprise to Acquire Juniper Networks for $14 Billion Read More »
Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines 2024-01-09 at 16:01 By Eduard Kovacs Hackers can take complete control of Bosch Rexroth nutrunners, installing ransomware or altering settings to cause financial impact and brand damage. The post Bosch Nutrunner Vulnerabilities Could Aid Hacker Attacks Against Automotive Production Lines appeared first on SecurityWeek.
Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved 2024-01-05 at 18:32 By Kevin Townsend In a landmark case that blurs the lines between cyber and kinetic warfare, Merck reached a settlement with insurers over a $1.4 billion claim stemming from the NotPetya malware attack. The post Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition
Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved Read More »
RIPE Account Hacking Leads to Major Internet Outage at Orange Spain 2024-01-04 at 13:46 By Eduard Kovacs Orange Spain’s internet went down for several hours after its RIPE account was hacked, likely after malware stole the credentials. The post RIPE Account Hacking Leads to Major Internet Outage at Orange Spain appeared first on SecurityWeek. This
RIPE Account Hacking Leads to Major Internet Outage at Orange Spain Read More »
Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack 2024-01-03 at 13:18 By Ionut Arghire Xerox says personal information was stolen in a cyberattack at US subsidiary Xerox Business Solutions. The post Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS
Xerox Confirms Data Breach at US Subsidiary Following Ransomware Attack Read More »
States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water Utilities 2024-01-03 at 00:16 By Associated Press The hacking of a municipal water plant is prompting new warnings from U.S. security officials at a time when governments are wrestling with how to harden water utilities against cyberattacks. The post States and Congress Wrestle
Critical Apache OFBiz Vulnerability in Attacker Crosshairs 2023-12-29 at 13:17 By Eduard Kovacs Shadowserver sees possible in-the-wild exploitation of a critical Apache OFBiz vulnerability tracked as CVE-2023-49070. The post Critical Apache OFBiz Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source
Critical Apache OFBiz Vulnerability in Attacker Crosshairs Read More »
Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones 2023-12-28 at 14:01 By Ionut Arghire iOS zero-click attack targeting Kaspersky iPhones bypassed hardware-based security protections to take over devices. The post Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed
Mysterious Apple SoC Feature Exploited to Hack Kaspersky Employee iPhones Read More »
Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day 2023-12-27 at 13:16 By Eduard Kovacs Chinese hackers exploited a zero-day tracked as CVE-2023-7102 to deliver malware to Barracuda Email Security Gateway (ESG) appliances. The post Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day appeared first on SecurityWeek. This
Chinese Hackers Deliver Malware to Barracuda Email Security Appliances via New Zero-Day Read More »