Screenconnect Servers Hacked In Lockbit Ransomware Attacks
Attackers are exploiting a maximum severity authentication bypass vulnerability to breach unpatched ScreenConnect servers and deploy LockBit ransomware payloads on...
News
Bitwardens New Auto Fill Option Adds Phishing Resistance
The Bitwarden open-source password management service has introduced a new inline auto-fill menu that addresses the risk of user credentials being...
Cyber Pros Embrace AI, Over 80% Believe It Will Enhance Jobs
Most cybersecurity professionals believe that AI will have a positive impact on their jobs, helping alleviate pressures caused by the...
Businesses Increase Cybersecurity as Budgets Surge in 2024
Cybersecurity is a top concern for businesses in 2024, with over two-thirds of IT decision-makers reporting increased budgets. This positive...
Chinese Duo Found Guilty of $3m Apple Fraud Plot
Two Chinese nationals have been found guilty of running a sophisticated fraud scheme in which they attempted to con Apple...
Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited
IT admins have been urged to patch any on-premises ScreenConnect servers immediately, after reports that a recently published maximum severity...
Change Healthcare Cyber-Attack Leads to Prescription Delays
Health tech firm Change Healthcare, part of Optum, has been hit by a cyber-attack, leading to delays in prescriptions being...
SMBs at Risk From SendGrid-Focused Phishing Tactics
Cybersecurity experts at Kaspersky have uncovered a new phishing campaign that specifically targets small and medium-sized businesses (SMBs). The attack method...
OWASP Releases Security Checklist for Generative AI Deployment
Chief information security officers now have a new tool at their disposal to get started with AI securely.The Open Web...
Russian-Aligned Network Doppelgänger Targets German Elections
A joint effort by SentinelLabs and ClearSky Cyber Security has uncovered a significant propaganda and disinformation campaign, possibly orchestrated by...
Multiple Vulnerabilities in VMware Enhanced Authentication Plug-in
VMware has released mitigating measures addressing multiple vulnerabilities (CVE-2024-22245 and CVE-2024-22250) impacting their Enhanced Authentication Plug-in (EAP).The vulnerabilities are:• CVE-2024-22245:...
Active Exploitation of Critical Vulnerability in WordPress Bricks Plug-in
WordPress has released security updates to address a critical vulnerability (CVE-2024-25600) impacting their Bricks Builder Plug-in. The vulnerability has a...
Active Exploitation of Critical Vulnerability in WordPress Bricks Plug-in
WordPress has released security updates to address a critical vulnerability (CVE-2024-25600) impacting their Bricks Builder Plug-in. The vulnerability has a...
Multiple Vulnerabilities in VMware Enhanced Authentication Plug-in
VMware has released mitigating measures addressing multiple vulnerabilities (CVE-2024-22245 and CVE-2024-22250) impacting their Enhanced Authentication Plug-in (EAP).The vulnerabilities are:• CVE-2024-22245:...
New Ssh Snake Malware Steals Ssh Keys To Spread Across The Network
A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally...
Screenconnect Critical Bug Now Under Attack As Exploit Code Emerges
Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its...
Fraudsters Tried To Scam Apple Out Of 5 000 Iphones Worth Over 3 Million
Two Chinese nationals face 20 years in prison after being caught and convicted of submitting over 5,000 fake iPhones worth...
Microsoft Expands Free Logging Capabilities After May Breach
Microsoft has expanded free logging capabilities for all Purview Audit standard customers, including U.S. federal agencies, six months after disclosing...
Us Offers 15 Million Bounty For Info On Lockbit Ransomware Gang
The U.S. State Department is now also offering rewards of up to $15 million to anyone who can provide information...
Hackers Abuse Google Cloud Run In Massive Banking Trojan Campaign
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like...
Us Govt Shares Cyberattack Defense Tips For Water Utilities
CISA, the FBI, and the Environmental Protection Agency (EPA) shared a list of defense measures U.S. water utilities should implement...
Joomla Fixes Xss Flaws That Could Expose Sites To Rce Attacks
Five vulnerabilities have been discovered in the Joomla content management system that could be leveraged to execute arbitrary code on...
Attacker Breakout Time Falls to Just One Hour
Security experts recorded a surge in “hands-on-keyboard” threats in 2023, with the average time it took to move laterally from...
NCSC Sounds Alarm Over Private Branch Exchange Attacks
The UK’s National Cyber Security Centre (NCSC) has warned smaller organizations that they could be exposed to attacks targeting their...
