UK telecommunications company TalkTalk is investigating a third-party supplier data breach after a threat actor began selling alleged customer data on a hacking forum. […]
PayPal to pay $2 million settlement over 2022 data breach
New York State has announced a $2,000,000 settlement with PayPal over charges it failed to comply with the state’s cybersecurity regulations, leading to a 2022 data breach. […]
Zyxel warns of bad signature update causing firewall boot loops
Zyxel is warning that a bad security signature update is causing critical errors for USG FLEX or ATP Series firewalls, including putting the device into a boot loop. […]
Microsoft to deprecate WSUS driver synchronization in 90 days
Microsoft has reminded Windows administrators that driver synchronization in Windows Server Update Services (WSUS) will be deprecated on April 18, 90 days from now. […]
Subaru Starlink flaw let hackers hijack cars in US and Canada
Security researchers have discovered an arbitrary account takeover flaw in Subaru’s Starlink service that could let attackers track, control, and hijack vehicles in the United States, Canada, and Japan using just a license plate. […]
Hackers use Windows RID hijacking to create hidden admin account
A North Korean threat group has been using a technique called RID hijacking that tricks Windows into treating a low-privileged account as one with administrator permissions. […]
Hacker infects 18,000 “script kiddies” with fake malware builder
A threat actor targeted low-skilled hackers, known as “script kiddies,” with a fake malware builder that secretly infected them with a backdoor to steal data and take over computers. […]
Microsoft: Outdated Exchange servers fail to auto-mitigate security bugs
Microsoft says outdated Exchange servers cannot receive new emergency mitigation definitions because an Office Configuration Service certificate type is being deprecated. […]
Managed Detection and Response – How are you monitoring?
Security Information and Event Management (SIEM) systems are now a critical component of enterprise security. Learn more from Smarttech247 about how its VisionX + Splunk solution can help secure your organization. […]
Subaru Starlink Vulnerability Exposed Cars to Remote Hacking
A vulnerability in Subaru’s Starlink connected vehicle service exposed US, Canada, and Japan vehicle and customer accounts.
The post Subaru Starlink Vulnerability Exposed Cars to Remote Hacking appeared first on SecurityWeek.