Security News

Filter by:

DHL Phishing Page Uses Telegram Bot for Exfiltration

One of the quickest ways for an attacker to harvest financial data, credentials, and sensitive personal information is through phishing. These social engineering attacks can typically be found masquerading as a trusted or recognizable service, intent on tricking unsuspecting users into submitting sensitive information on the...
Sucuri Blog 27 Jul 2022 948 Views

Microsoft: IIS extensions increasingly used as Exchange backdoors

Microsoft says attackers increasingly use malicious Internet Information Services (IIS) web server extensions to backdoor unpatched Exchange servers as they have lower detection rates compared to web shells.
Bleeping Computer 27 Jul 2022 877 Views

Hackers exploited PrestaShop zero-day to breach online stores

Hackers are targeting websites using the PrestaShop platform, leveraging a previously unknown vulnerability chain to perform code execution and potentially steal customers' payment information.
Bleepingcomputer 26 Jul 2022 756 Views

Microsoft issues emergency fix for broken Windows 11 start menu

Microsoft has addressed a known issue that was causing the start menu on some Windows 11 to malfunction after installing recent updates.
Bleepingcomputer 26 Jul 2022 961 Views

Atlassian fixes critical Confluence hardcoded credentials flaw

Atlassian has patched a critical hardcoded credentials vulnerability in Confluence Server and Data Center that could let remote, unauthenticated attackers log into vulnerable, unpatched servers.
Bleepingcomputer 25 Jul 2022 791 Views

Microsoft Resumes Blocking Office VBA Macros by Default After 'Temporary Pause'

Microsoft has officially resumed blocking Visual Basic for Applications (VBA) macros by default across Office apps, weeks after temporarily announcing plans to roll back the change.
Thehackernews 25 Jul 2022 739 Views

SonicWall Issues Patch for Critical Bug Affecting its Analytics and GMS Products

Network security company SonicWall on Friday rolled out fixes to mitigate a critical SQL injection (SQLi) vulnerability affecting its Analytics On-Prem and Global Management System (GMS) products.
Thehackernews 25 Jul 2022 820 Views

Convincing ‘YouTube’ Google ads lead to Windows support scams

A scarily realistic-looking Google Search YouTube advertisement is redirecting visitors to tech support scams pretending to be security alerts from Windows Defender.
Bleepingcomputer 21 Jul 2022 1023 Views

New Luna ransomware encrypts Windows, Linux, and ESXi systems

A new ransomware family dubbed Luna can be used to encrypt devices running several operating systems, including Windows, Linux, and ESXi systems.
Bleepingcomputer 21 Jul 2022 942 Views

Botnet malware disguises itself as password cracker for industrial controllers

Can't get into that machine? No problem, just trust this completely sketchy looking tool Industrial engineers and operators are being lured into running backdoor malware disguised as tools for recovering access to work systems.…
The Register 19 Jul 2022 6111 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY