North Korea's Lazarus hacking group is hacking into Windows Internet Information Service (IIS) web servers to distribute malware. IIS is [...]
Author: Mash
Storm-0558 Chinese hackers gained access to the Microsoft consumer signing key, which had broader implications than initially acknowledged. Redmond confirmed [...]
Microsoft is expanding free access to additional cloud logging data worldwide to aid in detecting breached networks and accounts. This [...]
FIN8, a financially motivated cybercrime gang, has been using BlackCat ransomware on networks that were infiltrated with a new version [...]
Google Play is taking action against malware by requiring new developer accounts to provide a valid D-U-N-S number before submitting [...]
PyLoose, a fileless malware, is exploiting cloud workloads for Monero mining by utilizing a simple Python script containing an encoded [...]
Microsoft has taken action to block code signing certificates that have been primarily used by Chinese hackers and developers to [...]
Apple has released security updates for its operating systems and Safari web browser to fix a zero-day vulnerability that was [...]
Researchers in the field of cybersecurity have analyzed a newly discovered ransomware called 'Big Head,' which appears to be propagated [...]
CISA has directed federal agencies to address a high-severity privilege escalation flaw in the Arm Mali GPU kernel driver, listed [...]
Researchers uncovered two file management apps on Google Play, originating from the same publisher and boasting a combined installation count [...]
TeamsPhisher, a tool created by a member of the U.S. Navy's red team, exploits a security vulnerability in Microsoft Teams [...]
Google has spent over a year developing the new Extensions toolbar menu, which now enables users to disable extensions on [...]
Avast, a cybersecurity company, has introduced a complimentary decryption tool to combat the Akira ransomware, offering victims a chance to [...]
Security analysts have uncovered 'EarlyRAT,' an undocumented remote access trojan (RAT) utilized by Andariel, a sub-group of the Lazarus North [...]
Microsoft has resolved a known problem in Windows 11 and Windows Server systems where File Explorer freezes after checking a [...]
A new Android malware campaign, known as Anatsa or TeaBot, has been spreading since March 2023, targeting banking customers in [...]
Super Mario 3: Forever, a free-to-play remake of the classic Nintendo game, is used by hackers to install malware into [...]
LastPass password manager users have faced persistent login issues since early May, when they were instructed to reset their authenticator [...]
Deep Instinct's Threat Research Lab has detected a new strain of a JavaScript-based dropper delivering Bumblebee and IcedID malware. The [...]
Despite Microsoft Teams' client-side protections that block file delivery from external tenant accounts, security researchers from Jumpsec discovered a method [...]
Fortinet has acknowledged that a critical vulnerability in its FortiOS SSL VPN, which was recently patched, may have already been [...]
Progress Software has issued a warning to its customers about critical SQL injection vulnerabilities in its MOVEit Transfer managed file [...]
Cisco has addressed a high-severity vulnerability in its Cisco Secure Client software, previously known as AnyConnect Secure Mobility Client. The [...]
North Korean hacker group Kimsuky, also known as APT43, has been engaged in spear-phishing campaigns to gather intelligence from think [...]
A threat actor named Spyboy is advertising a tool called "Terminator" on a Russian-speaking hacking forum, claiming that it can [...]
The critical vulnerability for the Jetpack plugin has been addressed by WordPress in the new security patch. The plugin has [...]
QBot malware has been spotted to abuse a DLL hijacking vulnerability in the Windows 10 WordPad to infect targeted devices. [...]
Mozilla recently started showing users fullscreen ads for their Mozilla VPN in Firefox, which disable the browser's functionality until closed. [...]
According to Mandiant security researchers, a hacking group linked to the Russian cybersecurity outfit Rostelecom-Solaris attempting to disrupt the work [...]
A new PowerShell malware named PowerExchange is used to backdoor on-premise Microsoft Exchange servers. The malware is linked to APT34 Iranian [...]
During the Build 2023 conference, Microsoft announced several upcoming Windows 11 features, including Windows 11 getting native support for RAR, [...]
Microsoft attempts to attract gamers into using Microsoft Edge by adding the 'Edge for Gamers' feature to enhance the gaming [...]
CapCut, ByteDance's official video editor and maker for TikTok, is being impersonated in the ongoing campaign to distribute various malware [...]
A very old SATA BIOS bug known to affect Windows 7, 8, 8.1, and 10 has also been confirmed to [...]
Apple has addressed three vulnerabilities found in the multi-platform WebKit browser engine. One of the vulnerabilities is a sandbox escape, [...]
Three malicious Visual Studio extensions have been found on Microsoft's VSCode marketplace, totaling over 46,000 downloads. Those extensions allow attackers [...]
According to Symantec Threat Labs report, APT hacking group Lancefly is targeting government organizations in SEA region using the MerDoor [...]
With Windows 10 getting closer to the end of its support, many users started encountering pop-up ads on Windows 11 [...]
A recently reported Outlook vulnerability that allowed attackers to bypass recent patches has been released by Microsoft. One of the [...]