A Chinese hacking group has breached the email accounts of more than two dozen organizations worldwide, including U.S. and Western European government agencies, according to Microsoft.
FBI tells public to ignore false claims of hacked voter data
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks.
Fortinet confirms data breach after hacker claims to steal 440GB of files
Cybersecurity giant Fortinet has confirmed it suffered a data breach after a threat actor claimed to steal 440GB of files from the company's Microsoft SharePoint server.
Fake password manager coding test used to hack Python developers
Members of the North Korean hacker group Lazarus posing as recruiters are baiting Python developers with coding test project for password management products that include malware.
Adobe fixes Acrobat Reader zero-day with public PoC exploit
A cybersecurity researcher is urging users to upgrade Adobe Acrobat Reader after a fix was released yesterday for a remote code execution zero-day with a public in-the-wild proof-of-concept exploit.
Microsoft to start force-upgrading Windows 22H2 systems next month
Microsoft announced that Windows 11 installs reaching the end of support next month, on October 8, will be force-upgraded to Windows 11 23H2.
Microsoft Office 2024 to disable ActiveX controls by default
After Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps.
SonicWall SSLVPN access control flaw is now exploited in attacks
SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible.
Veeam warns of critical RCE flaw in Backup & Replication software
Veeam has released security updates for several of its products as part of a single September 2024 security bulletin that addresses 18 high and critical severity flaws in Veeam Backup & Replication, Service Provider Console, and One.
Understanding the Difference Between Cybersecurity and Cybersecurity Risk
In today's digital age, the terms "cybersecurity" and "cybersecurity risk" are often used interchangeably. However, they represent different concepts that are crucial for understanding how to protect information systems effectively. Let's delve into what these terms mean and how they relate to each other.
PoorTry Windows driver evolves into a full-featured EDR wiper
The malicious PoorTry kernel-mode Windows driver used by multiple ransomware gangs to turn off Endpoint Detection and Response (EDR) solutions has evolved into an EDR wiper, deleting files crucial for the operation of security solutions and making restoration harder.
1012 Hits
Microsoft says it still doesn't know how Chinese hackers stole an inactive Microsoft account (MSA) consumer signing key used to breach the Exchange Online and Azure AD accounts of two dozen organizations, including government agencies.
869 Hits
Microsoft announced today that the upcoming Windows 11, version 23H2, will be available in the fourth quarter of 2023 as an enablement package since it shares Windows 11 22H2's code base and servicing branch.
997 Hits
Security researchers observed a new campaign they attribute to the Charming Kitten APT group where hackers used new NokNok malware that targets macOS systems.
5237 Hits
Security researchers discovered two malicious file management applications on Google Play with a collective installation count of over 1.5 million that collected excessive user data that goes well beyond what's needed to offer the promised functionality.
778 Hits