Microsoft says the February 2024 updates fail to install on Windows 11 22H2 and 23H2 systems, with 0x800F0922 errors and downloads stopping at 96%. […]
WordPress Plugin Alert – Critical SQLi Vulnerability Threatens 200K+ Websites
A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations.
The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and reporting the flaw.
In an advisory published last week, WordPress
The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and reporting the flaw.
In an advisory published last week, WordPress
UnitedHealth subsidiary Optum hack linked to BlackCat ransomware
A cyberattack on UnitedHealth Group subsidiary Optum that led to an ongoing outage impacting the Change Healthcare payment exchange platform was linked to the BlackCat ransomware group by sources familiar with the investigation. […]
New IDAT loader version uses steganography to push Remcos RAT
A hacking group tracked as ‘UAC-0184’ was observed utilizing steganographic image files to deliver the Remcos remote access trojan (RAT) onto the systems of a Ukrainian entity operating in Finland. […]
Mowing down demons: DOOM comes to Husqvarna smart lawnmowers
If you ever wanted to play DOOM on a lawnmower, you will soon have your chance with a new software update coming to Husqvarna’s robotic line of lawnmowers this spring. […]
White House urges devs to switch to memory-safe programming languages
The White House Office of the National Cyber Director (ONCD) urged tech companies today to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities. […]
Hackers exploit 14-year-old CMS editor on govt, edu sites for SEO poisoning
Threat actors are exploiting a CMS editor discontinued 14 years ago to compromise education and government entities worldwide to poison search results with malicious sites or scams. […]
Russian hackers shift to cloud attacks, US and allies warn
Members of the Five Eyes (FVEY) intelligence alliance warned today that APT29 Russian Foreign Intelligence Service (SVR) hackers are now switching to attacks targeting their victims’ cloud services. […]
Steel giant ThyssenKrupp confirms cyberattack on automotive division
Steel giant ThyssenKrupp confirms that hackers breached systems in its Automotive division last week, forcing them to shut down IT systems as part of its response and containment effort. […]
Cybersecurity Training Not Sticking? How to Fix Risky Password Habits
While security training can help create a culture of cybersecurity awareness, it can’t be relied upon to consistently change behavior. Learn more from Specops Software about the limitations of training and five ways you can increase password security. […]