Multiple popular mobile applications for iOS and Android come with hardcoded, unencrypted credentials for cloud services like Amazon Web Services (AWS) and Microsoft Azure Blob Storage, exposing user data and source code to security breaches. […]
SEC charges tech companies for downplaying SolarWinds breaches
The SEC has charged four companies—Unisys Corp, Avaya Holdings, Check Point Software, and Mimecast—for allegedly misleading investors about the impact of their breaches during the massive 2020 SolarWinds Orion hack. […]
Exploit released for new Windows Server “WinReg” NTLM Relay attack
Proof-of-concept exploit code is now public for a vulnerability in Microsoft’s Remote Registry client that could be used to take control of a Windows domain by downgrading the security of the authentication process. […]
SEC Charges Four Companies Over Misleading Disclosures on SolarWinds Hack
The SEC announces penalties against Unisys, Avaya, Check Point and Mimecast for downplaying the impact of the SolarWinds Orion hack.
The post SEC Charges Four Companies Over Misleading Disclosures on SolarWinds Hack appeared first on SecurityWeek.
Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Russian-speaking users have become the target of a new phishing campaign that leverages an open-source phishing toolkit called Gophish to deliver DarkCrystal RAT (aka DCRat) and a previously undocumented remote access trojan dubbed PowerRAT.
“The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim’s intervention to trigger the
“The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim’s intervention to trigger the
US Police Detective Charged With Purchasing Stolen Credentials
Terrance Michael Ciszek is charged with buying stolen account credentials from the Genesis Market dark web marketplace.
The post US Police Detective Charged With Purchasing Stolen Credentials appeared first on SecurityWeek.
Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote Attackers
Details have emerged about a now-patched security flaw in Styra’s Open Policy Agent (OPA) that, if successfully exploited, could have led to leakage of New Technology LAN Manager (NTLM) hashes.
“The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server’s local user account to a remote server, potentially allowing the attacker to relay the authentication or
“The vulnerability could have allowed an attacker to leak the NTLM credentials of the OPA server’s local user account to a remote server, potentially allowing the attacker to relay the authentication or
VMware fixes bad patch for critical vCenter Server RCE flaw
VMware has released another security update for CVE-2024-38812, a critical VMware vCenter Server remote code execution vulnerability that was not correctly fixed in the first patch from September 2024. […]
Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks
Bad actors have been observed targeting Docker remote API servers to deploy the SRBMiner crypto miner on compromised instances, according to new findings from Trend Micro.
“In this attack, the threat actor used the gRPC protocol over h2c to evade security solutions and execute their crypto mining operations on the Docker host,” researchers Abdelrahman Esmail and Sunil Bharti said in a technical
“In this attack, the threat actor used the gRPC protocol over h2c to evade security solutions and execute their crypto mining operations on the Docker host,” researchers Abdelrahman Esmail and Sunil Bharti said in a technical
Stream.Security Secures $30 Million Series B
Stream.Security (formerly Lightlytics) has raised a total of $55 million since launching in 2020 with a cloud data security product.
The post Stream.Security Secures $30 Million Series B appeared first on SecurityWeek.