Patch now! PrintNightmare over, MSHTML fixed, a new horror appears … OMIGOD
The September 2021 Patch Tuesday could be remembered as the final patching attempt in the PrintNightmare… nightmare. The ease with...
News
Only one-in-ten Russian organizations are aware of the danger of vulnerabilities in web applications
In 2020, attacks on the web accounted for one-third of all information security incidents. However, only 10% of Russian organizations...
Nearly 50% of On-Premises Databases Have Unpatched Vulnerabilities
The five-year longitudinal research conducted by cybersecurity firm Imperva revealed that nearly half of on-premises databases globally contain at least...
Millions of HP OMEN Gaming PCs Impacted by Driver Vulnerability
On Tuesday, security experts revealed data about a high-severity weakness in the HP OMEN driver software, which affects millions of...
Linux Implementation of Cobalt Strike Beacon Employed by Hackers in Attacks Worldwide
Security experts have detected an unauthorized version of the Cobalt Strike Beacon Linux created by malicious attackers that are actively...
Hackers Can Use the SSID Stripping Flaw to Mimic Real Wireless APs
A group of researchers discovered what appears to be a new way for threat actors to mislead people into connecting...
Three formers NSA employees fined for providing hacker-for-hire services to UAE firm
Three former NSA employees entered into a deferred prosecution agreement that restricts their future activities and employment and requires the...
US CISA appointed Kiersten Todt as new chief of staff
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has appointed Kiersten Todt as its new chief of staff. The U.S....
Microsoft Patch Tuesday fixes CVE-2021-40444 MSHTML zero-day
Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day flaw actively exploited in targeted attacks. Microsoft Patch...
Mēris Bot infects MikroTik routers compromised in 2018
Latvian vendor MikroTik revealed that recently discovered Mēris botnet is targeting devices that were compromised three years ago. Last week, the Russian...
Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw
A high severity vulnerability, tracked as CVE-2021-3437, in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS...
Parts of the Dark Web “awash” with school children’s personal data
NBC News has collected and analyzed a trove of children’s personal information it discovered on the Dark Web. Even though...
Update now! Google Chrome fixes two in-the-wild zero-days
Google announced on Monday that it will be issuing patches for 11 high severity vulnerabilities found in Chrome, including two that...
Apple releases emergency update: Patch, but don’t panic
Spyware developed by the company NSO Group is back in the news today after Apple released an emergency fix for...
New Android Banking Malware Targeting Mexican Users to Steal Financial Credentials
McAfee Mobile Malware Research Team has discovered an android banking malware targeting Mexican users by posing as a security banking...
This Aspiring Hacker was Caught in a Quite Embarrassing Manner
The US Department of Justice (DoJ) has arrested a Ukrainian citizen for using a botnet to hack people's passwords. He...
Kumsong 121 North Korean Hacker Group Conducts Cyber Attacks via Social Media
Kumsong 121 the North Korean Hacker gang has unleashed a cyberattack employing social media in North Korea. The North Korean...
Hackers switched to combined cyber attacks on the Russian financial sector
Experts began to note the particular interest of cybercriminals in the Russian banking sector as early as mid-summer 2021. In...
1GB of Puma Data is Now Accessible on Marketo
Hackers have stolen data from Puma, a German sportswear firm, and are now attempting to extort money from the corporation...
Google addresses a new Chrome zero-day flaw actively exploited in the wild
Google Chrome 93.0.4577.82 for Windows, Mac, and Linux that addressed eleven security issues, including two zero-days actively exploited. Google released...
Vermilion Strike, a Linux implementation of Cobalt Strike Beacon used in attacks
Researchers discovered Linux and Windows implementations of the Cobalt Strike Beacon developed by attackers that were actively used in attacks in the...
Popular NPM package Pac-Resolver affected by a critical flaw
Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package ‘Pac-Resolver‘ that has millions of downloads every week....
Apple fixes actively exploited FORCEDENTRY zero-day flaws
Apple released security patches to fix two zero-day vulnerabilities in iOS and macOS that are actively exploited in attacks in...
Facebook announces WhatsApp end-to-end encrypted (E2EE) backups
Facebook announced it will allow WhatsApp users to encrypt their message history backups in the cloud. Facebook will continue to...
