Experts warn of RCE flaw in Imunify360 security platform
A flaw in CloudLinux’s Imunify360 security product could have been exploited by an attacker for remote code execution. Cisco’s Talos...
News
Expert released PoC exploit code for Microsoft Exchange CVE-2021-42321 RCE bug
A researcher has released a proof-of-concept exploit code for an actively exploited vulnerability affecting Microsoft Exchange servers. The researcher Janggggg has...
Millions of GoDaddy customer data compromised in breach
Domain name registrar giant and hosting provider GoDaddy yesterday disclosed to the Securities and Exchange Commission (SEC) that it had...
Please don’t buy this! 3 gift card scams to watch out for this Black Friday
With the holiday season around the corner, and Black Friday at the end of the week, we thought it was...
Expert disclosed an exploit for a new Windows zero-day local privilege elevation issue
A researcher publicly disclosed an exploit for a new Windows zero-day local privilege elevation that can allow gaining admin privileges....
Windows 10 chills out, gives sysadmins a break
A few short weeks ago, Microsoft launched the very latest version of its desktop operating system (OS), Windows 11. In...
US govt warns critical infrastructure of ransomware attacks during holidays
US CISA and the FBI issued a joint alert to warn critical infrastructure partners and public/private organizations of ransomware attacks...
Black Friday 2021: How to Have a Scam-Free Shopping Day
Fact 1: cybercriminals love to exploit big holidays for personal gain. Case in point: we’re already seeing scams targeting World...
US-CERT Bulletin (SB21-326):Vulnerability Summary for the Week of November 15, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
New GoDaddy data breach impacted 1.2 million customers
GoDaddy suffered a data breach that impacted up to 1.2 million of its managed WordPress customer accounts. GoDaddy discloses a...
Security researchers play peek-a-boo with Conti ransomware server
It’s not been a great time for ransomware authors recently. Well, some ransomware authors at any rate. While many are...
How to defend your website against card skimmers
Black Friday and the holiday season are approaching, and shoppers are forecast to spend record amounts again this year. Retail...
Utah Imaging Associates data breach impacts 583,643 patients
Utah-based radiology medical center Utah Imaging Associates discloses a data breach that impacted 583,643 former and current patients. Utah Imaging...
Iran’s Mahan Air claims it has failed a cyber attack, hackers say the opposite
Iranian airline Mahan Air was hit by a cyberattack on Sunday morning, the “Hooshyarane Vatan” hacker group claimed responsibility for...
New Memento ransomware uses password-protected WinRAR archives to block access to the files
Memento ransomware group locks files inside WinRAR password-protected archives after having observed that its encryption process is blocked by security...
The Internet is not safe enough for women, and Sue Krautbauer has some ideas about why: Lock and Code S02E22
Decades ago, the promise of the Internet was clear: No one, depending on their age, gender, race, income, or place...
US SEC warns investors of ongoing fraudulent communications claiming from the SEC
The Securities and Exchange Commission (SEC) warns investors of attacks impersonating its officials in government impersonator schemes. The Securities and...
Experts found 11 malicious Python packages in the PyPI repository
Researchers discovered 11 malicious Python packages in the PyPI repository that can steal Discord access tokens, passwords, and conduct attacks....
Researchers were able to access the payment portal of the Conti gang
The Conti ransomware group has suffered a data breach that exposed its attack infrastructure and allowed researcher to access it....
Attackers compromise Microsoft Exchange servers to hijack internal email chains
A malware campaign aimed at Microsoft Exchange servers exploits ProxyShell and ProxyLogon issues and uses stolen internal reply-chain emails. A...
Security Affairs newsletter Round 341
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
U.S. banking regulators order banks to notify cybersecurity incidents in 36 hours
U.S. banking regulators have approved a new rule that orders banks to notify federal regulators of significant cybersecurity incidents within 36...
Study reveals top 200 most common passwords
The annual study on top-used passwords published by Nordpass revealed that we are still using weak credentials that expose us...
The newer cybercrime triad: TrickBot-Emotet-Conti
Advanced Intelligence researchers argue that the restarting of the Emotet botnet was driven by Conti ransomware gang. Early this year,...
