Category: BleepingComputer

The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems. […]

The Rhysida ransomware gang has claimed responsibility for a cyberattack on the British Library in October, which has caused a major ongoing IT outage. […]

Learn more from Specops Software about the benefits of self-service password resets and ways to accomplish this with on-premises Active Directory. […]

The Lumma information-stealing malware is now using an interesting tactic to evade detection by security software – the measuring of mouse movements using trigonometry to determine if the malware is running on a real machine or an antivirus sandbox. […]

After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks. […]

A team of academic researchers from universities in California and Massachusetts demonstrated that it’s possible under certain conditions for passive network attackers to retrieve secret RSA keys from naturally occurring errors leading to failed SSH (secure shell) connection attempts. […]

Microsoft announced a new policy that allows admins to control how optional updates are deployed on Windows 10 enterprise endpoints on their networks. […]

The Federal Communications Commission (FCC) has revealed new rules to shield consumers from criminals who hijack their phone numbers in SIM swapping attacks and port-out fraud. […]

A proof-of-concept exploit was publicly released for a critical remote code execution vulnerability in the CrushFTP enterprise suite, allowing unauthenticated attackers to access files on the server, execute code, and obtain plain-text passwords. […]

Google has officially announced plans to gradually eliminate third-party cookies, a key aspect of its Privacy Sandbox initiative. […]