Critical Vulnerability in Rust Standard Library
Rust has released an update to address a critical vulnerability (CVE-2024-24576) affecting the Rust standard library. The vulnerability has a...
News
Apr 2024 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.The vulnerabilities that have been classified as...
Interactive administration in the cloud: managing the risks
Interactive administration in the cloud: managing the risks In the NCSC’s cloud platforms guidance (and most recently in our lift...
Multiple Vulnerabilities in HTTP/2 Protocol
A security researcher has disclosed a new Denial-of-Service (DoS) attack method which exploits HTTP/2 protocols affected by a class of...
Microsoft Monthly Security Update (April 2024)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesBrowser Low RiskSpoofing Windows High RiskSecurity Restriction Bypass Remote Code Execution...
US-CERT Vulnerability Summary for the Week of April 1, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Critical Vulnerability in WordPress LayerSlider Plugin
LayerSlider has released updates to address a critical vulnerability (CVE-2024-2879) affecting their LayerSlider plugin for WordPress. The vulnerability has a...
US-CERT Vulnerability Summary for the Week of March 25, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Multiple High Severity Vulnerabilities in Cisco IOS and IOS XE Software
Cisco has released updates addressing multiple high severity vulnerabilities (CVE-2024-20311, CVE-2024-20314, CVE-2024-20307, CVE-2024-20308, CVE-2024-20259, CVE-2024-20303) affecting their IOS and IOS...
Critical Vulnerability in XZ Utils
Security researchers have disclosed a critical vulnerability (CVE-2024-3094) in XZ Utils used in Linux distributions. The vulnerability has a Common...
Dinodasrat Malware Targets Linux Servers In Espionage Campaign
Security researchers have observed Red Hat and Ubuntu systems being attacked by a Linux version of the DinodasRAT (also known...
Vultur Banking Malware For Android Poses As Mcafee Security App
Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities...
Atandt Confirms Data For 73 Million Customers Leaked On Hacker Forum
AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially...
Red Hat Warns Of Backdoor In Xz Tools Used By Most Linux Distros
Today, Red Hat warned users to immediately stop using systems running Fedora development and experimental versions because of a backdoor found...
Activision Enable 2fa To Secure Accounts Recently Stolen By Malware
An infostealer malware campaign has collected millions of logins from users of various gaming websites, including players that use cheats,...
One Year Later Rhadamanthys Is Still Dropped Via Malvertising
It was just a little over a year ago that the Rhadamanthys stealer was first publicly seen distributed via malicious...
Massive Utility Scam Campaign Spreads Via Online Ads
For many households, energy costs represent a significant part of their overall budget. And when customers want to discuss their...
Remote Monitoring Management Software Used In Phishing Attacks
Remote Monitoring & Management (RMM) software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today,...
Stopping A Targeted Attack On A Managed Service Provider Msp With Threatdown Mdr
In late January 2024, the ThreatDown Managed Detection and Response (MDR) team found and stopped a three-month long malware campaign...
Pikabot Malware On The Rise What Organizations Need To Know
A new type of malware is being used by ransomware gangs in their attacks, and its name is PikaBot. A...
Fakebat Delivered Via Several Active Malvertising Campaigns
February was a particularly busy month for search-based malvertising with the number of incidents we documented almost doubling. We saw...
Ransomware Review March 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
New Go Loader Pushes Rhadamanthys
Malware loaders (also known as droppers or downloaders) are a popular commodity in the criminal underground. Their primary function is...
Stopping A K 12 Cyberattack Solarmarker With Threatdown Mdr
In early 2024, a large K-12 school district partnered with ThreatDown MDR to strengthen its cybersecurity posture. Shortly after onboarding,...
