Zyxel Networks has released an emergency security update to address three critical vulnerabilities impacting older NAS devices that have reached end-of-life. […]
Major London hospitals disrupted by Synnovis ransomware attack
A ransomware attack affecting pathology and diagnostic services provider Synnovis has impacted healthcare services at multiple major NHS hospitals in London. […]
Microsoft deprecates Windows NTLM authentication protocol
Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the future. […]
Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan
Russian organizations are at the receiving end of cyber attacks that have been found to deliver a Windows version of a malware called Decoy Dog.
Cybersecurity company Positive Technologies is tracking the activity cluster under the name Operation Lahat, attributing it to an advanced persistent threat (APT) group called HellHounds.
“The Hellhounds group compromises organizations they select and
Cybersecurity company Positive Technologies is tracking the activity cluster under the name Operation Lahat, attributing it to an advanced persistent threat (APT) group called HellHounds.
“The Hellhounds group compromises organizations they select and
Telerik Report Server Flaw Could Let Attackers Create Rogue Admin Accounts
Progress Software has rolled out updates to address a critical security flaw impacting the Telerik Report Server that could be potentially exploited by a remote attacker to bypass authentication and create rogue administrator users.
The issue, tracked as CVE-2024-4358, carries a CVSS score of 9.8 out of a maximum of 10.0.
“In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or
The issue, tracked as CVE-2024-4358, carries a CVSS score of 9.8 out of a maximum of 10.0.
“In Progress Telerik Report Server, version 2024 Q1 (10.0.24.305) or
The Next Generation of RBI (Remote Browser Isolation)
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today’s SaaS-centric world.
The limitations of Browser Isolation, such as degraded browser performance and inability to tackle
The limitations of Browser Isolation, such as degraded browser performance and inability to tackle
Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine
A new sophisticated cyber attack has been observed targeting endpoints geolocated to Ukraine with an aim to deploy Cobalt Strike and seize control of the compromised hosts.
The attack chain, per Fortinet FortiGuard Labs, involves a Microsoft Excel file that carries an embedded VBA macro to initiate the infection,
“The attacker uses a multi-stage malware strategy to deliver the notorious ‘Cobalt
The attack chain, per Fortinet FortiGuard Labs, involves a Microsoft Excel file that carries an embedded VBA macro to initiate the infection,
“The attacker uses a multi-stage malware strategy to deliver the notorious ‘Cobalt
Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers
Cloud computing and analytics company Snowflake said a “limited number” of its customers have been singled out as part of a targeted campaign.
“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and Google-owned Mandiant.
“We have not identified
“We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platform,” the company said in a joint statement along with CrowdStrike and Google-owned Mandiant.
“We have not identified
DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks
Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have shifted away from AutoIt scripts to an AutoHotkey mechanism to deliver the last stages, underscoring continued efforts on the part of the threat actors to continuously stay ahead of the detection curve.
The updates have been observed in version 6 of DarkGate released in March 2024 by its developer RastaFarEye, who
The updates have been observed in version 6 of DarkGate released in March 2024 by its developer RastaFarEye, who
Oracle WebLogic Server OS Command Injection Flaw Under Active Attack
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
Tracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns an operating system (OS) command injection vulnerability that could be exploited to obtain unauthorized
Tracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns an operating system (OS) command injection vulnerability that could be exploited to obtain unauthorized