brangberg – Page 1088

CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2024-28987 (CVSS score: 9.1), the vulnerability relates to a case of hard-coded credentials that could be abused to gain

Amazon says 175 million customer now use passkeys to log in

Amazon has seen massive adoption of passkeys since the company quietly rolled them out a year ago, announcing today that over 175 million customers use the security feature. […]

Amazon says 175 million customers now use passkeys to log in

Amazon has seen massive adoption of passkeys since the company quietly rolled them out a year ago, announcing today that over 175 million customers use the security feature. […]

Cybercriminals Are Increasingly Helping Russia and China Target the US and Allies, Microsoft Says

The growing collaboration between authoritarian governments and criminal hackers has alarmed national security officials and cybersecurity experts.

The post Cybercriminals Are Increasingly Helping Russia and China Target the US and Allies, Microsoft Says appeared first on SecurityWeek.

Finland seizes servers of ‘Sipultie’ dark web drugs market

The Finnish Customs office took down the website and seized the servers for the darknet marketplace ‘Sipulitie’ where criminals sold illegal narcotics anonymously. […]

Election Day is Close, the Threat of Cyber Disruption is Real

New threat report shows that the potential for disruption to November’s Election Day is severe, and the threat is real.

The post Election Day is Close, the Threat of Cyber Disruption is Real appeared first on SecurityWeek.

EDRSilencer red team tool used in attacks to bypass security

A tool for red-team operations called EDRSilencer has been observed in malicious incidents attempting to identify security tools and mute their alerts to management consoles. […]

GitHub Patches Critical Vulnerability in Enterprise Server

A critical-severity flaw in GitHub Enterprise Server could lead to unauthorized access to the vulnerable instances.

The post GitHub Patches Critical Vulnerability in Enterprise Server appeared first on SecurityWeek.

Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft

Volkswagen has issued a statement after the 8Base ransomware group claimed to have stolen valuable data from the company’s systems.

The post Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft appeared first on SecurityWeek.

TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns

New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device’s unlock pattern or PIN.
“This new addition enables the threat actor to operate on the device even while it is locked,” Zimperium security researcher Aazim Yaswant said in an analysis published last week.
First spotted in the wild in 2019, TrickMo is so named for

Author: brangberg