Microsoft has acknowledged a new issue affecting Outlook for Microsoft 365 users and causing email-sending problems for those with too many nested folders. […]
ALPHV ransomware site outage rumored to be caused by law enforcement
A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang’s websites over the last 30 hours. […]
New 5G Modems Flaws Affect iOS Devices and Android Models from Major Brands
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS.
Of the 14 flaws – collectively called 5Ghoul (a combination of “5G” and “Ghoul”) – 10 affect 5G modems from the two companies, out of which three
Of the 14 flaws – collectively called 5Ghoul (a combination of “5G” and “Ghoul”) – 10 affect 5G modems from the two companies, out of which three
Privilege elevation exploits used in over 50% of insider attacks
Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks, whether for malicious purposes or by downloading risky tools in a dangerous manner. […]
Amazon sues REKK fraud gang that stole millions in illicit refunds
Amazon’s Customer Protection and Enforcement team has taken legal action against an underground store refund scheme that has resulted in the theft of millions of dollars worth of products from Amazon’s online platforms. […]
New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips
A new set of vulnerabilities in 5G modems by Qualcomm and MediaTek, collectively called “5Ghoul,” impact 710 5G smartphone models from Google partners (Android) and Apple, routers, and USB modems. […]
N. Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of a spear-phishing campaign with the ultimate goal of distributing backdoors on compromised systems.
“The threat actor ultimately uses a backdoor to steal information and execute commands,” the AhnLab Security Emergency Response Center (ASEC) said in an
“The threat actor ultimately uses a backdoor to steal information and execute commands,” the AhnLab Security Emergency Response Center (ASEC) said in an
Ransomware-as-a-Service: The Growing Threat You Can’t Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service (RaaS). This alarming development has transformed the cybercrime landscape, enabling individuals with limited technical expertise to carry out devastating attacks.
Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware.
“Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to launch attacks on websites, companies and individuals, buy guns, drugs, and other illicit
“Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to launch attacks on websites, companies and individuals, buy guns, drugs, and other illicit
WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability
WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable sites.
“A remote code execution vulnerability that is not directly exploitable in core; however, the security team feels that there is a potential for high severity when combined with some plugins,
“A remote code execution vulnerability that is not directly exploitable in core; however, the security team feels that there is a potential for high severity when combined with some plugins,