Microsoft says Windows 11 22H2 now natively supports almost a dozen additional archive formats, including RAR, 7-Zip, Tar, and GZ archives. […]
Hackers email stolen student data to parents of Nevada school district
The Clark County School District (CCSD) in Nevada is dealing with a potentially massive data breach, as hackers email parents their children’s’ data that was allegedly stolen during a recent cyberattack. […]
HackerOne paid ethical hackers over $300 million in bug bounties
HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform’s inception. […]
Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service
New findings have shed light on what’s said to be a lawful attempt to covertly intercept traffic originating from jabber[.]ru (aka xmpp[.]ru), an XMPP-based instant messaging service, via servers hosted on Hetzner and Linode (a subsidiary of Akamai) in Germany.
“The attacker has issued several new TLS certificates using Let’s Encrypt service which were used to hijack encrypted STARTTLS
“The attacker has issued several new TLS certificates using Let’s Encrypt service which were used to hijack encrypted STARTTLS
Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto
The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits (and multiple bug collisions) targeting consumer products between October 24 and October 27. […]
The Week in Ransomware – October 27th 2023 – Breaking Records
Ransomware attacks are increasing significantly, with reports indicating that last month was a record month for ransomware attacks in 2023. […]
Microsoft 365 users get workaround for ‘Something Went Wrong’ errors
Microsoft shared a workaround for a known Microsoft 365 issue triggering ‘Something Went Wrong [1001]’ sign-in errors and making desktop applications unusable for many customers. […]
Lazarus hackers breached dev repeatedly to deploy SIGNBT malware
The North Korean Lazarus hacking group repeatedly compromised a software vendor using flaws in vulnerable software despite multiple patches and warnings being made available by the developer. […]
F5 fixes BIG-IP auth bypass allowing remote code execution attacks
A critical vulnerability in the F5 BIG-IP configuration utility, tracked as CVE-2023-46747, allows an attacker with remote access to the configuration utility to perform unauthenticated remote code execution. […]
N. Korean Lazarus Group Targets Software Vendor Using Known Flaws
The North Korea-aligned Lazarus Group has been attributed as behind a new campaign in which an unnamed software vendor was compromised through the exploitation of known security flaws in another high-profile software.
The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known hacking tool used by the threat actor for
The attack sequences, according to Kaspersky, culminated in the deployment of malware families such as SIGNBT and LPEClient, a known hacking tool used by the threat actor for