Cisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivity for industrial wireless automation. […]
New SteelFox malware hijacks Windows PCs using vulnerable driver
A new malicious package called ‘SteelFox’ mines for cryptocurrency and steals credit card data by using the “bring your own vulnerable driver” technique to get SYSTEM privileges on Windows machines. […]
VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware
An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi.
“Leveraging Microsoft SaaS services — including Teams, SharePoint, Quick Assist, and OneDrive — the attacker exploited the trusted infrastructures of previously compromised organizations to
“Leveraging Microsoft SaaS services — including Teams, SharePoint, Quick Assist, and OneDrive — the attacker exploited the trusted infrastructures of previously compromised organizations to
Washington courts’ systems offline following weekend cyberattack
Court systems across Washington state have been down since Sunday when officials said “unauthorized activity” was detected on their networks. […]
Google Cloud Rolling Out Mandatory MFA for All Users
Starting this month, Google Cloud will be rolling out mandatory MFA for all users who sign in with a password.
The post Google Cloud Rolling Out Mandatory MFA for All Users appeared first on SecurityWeek.
Germany drafts law to protect researchers who find security flaws
The Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. […]
New Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps
Cybersecurity researchers are warning that a command-and-control (C&C) framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities.
“Winos 4.0 is an advanced malicious framework that offers comprehensive functionality, a stable architecture, and efficient control over numerous online endpoints to execute
“Winos 4.0 is an advanced malicious framework that offers comprehensive functionality, a stable architecture, and efficient control over numerous online endpoints to execute
CrowdStrike to Acquire Adaptive Shield in Reported $300 Million Deal
CrowdStrike is acquiring Israeli SaaS security firm Adaptive Shield to boost the capabilities of its Falcon cybersecurity platform.
The post CrowdStrike to Acquire Adaptive Shield in Reported $300 Million Deal appeared first on SecurityWeek.
22,000 IPs Taken Down in Global Cybercrime Crackdown
Over 22,000 malicious IPs were taken down in a law enforcement operation against phishing, infostealers, and ransomware.
The post 22,000 IPs Taken Down in Global Cybercrime Crackdown appeared first on SecurityWeek.
Microchip Technology Reports $21.4 Million Cost From Ransomware Attack
Microchip Technology’s latest financial report reveals the company’s expenses due to the recent cybersecurity incident.
The post Microchip Technology Reports $21.4 Million Cost From Ransomware Attack appeared first on SecurityWeek.