Security News

Filter by:

PyPI package 'keep' mistakenly included a password stealer

PyPI packages 'keep,' 'pyanxdns,' 'api-res-py' were found to contain a password-stealer and a backdoor due to the presence of malicious 'request' dependency within some versions. [...]
Bleepingcomputer 13 Jun 2022 1144 Views

New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing

A newly designed privacy-sensitive architecture aims to enable developers to create smart home apps in a manner that addresses data sharing concerns and puts users in control over their personal information.  Dubbed Peekaboo by researchers from Carnegie Mellon University, the system "leverages...
The Hacker News 11 Jun 2022 1119 Views

Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones

A new research undertaken by a group of academics from the University of California San Diego has revealed for the first time that Bluetooth signals can be fingerprinted to track smartphones (and therefore, individuals). The identification, at its core, hinges on imperfections in the Bluetooth...
The Hacker News 10 Jun 2022 1110 Views

Qbot malware now uses Windows MSDT zero-day in phishing attacks

A critical Windows zero-day vulnerability, known as Follina and still waiting for an official fix from Microsoft, is now being actively exploited in ongoing phishing attacks to infect recipients with Qbot malware.
Bleepingcomputer 9 Jun 2022 1204 Views

Critical PHP flaw exposes QNAP NAS devices to RCE attacks

QNAP has warned customers today that some of its Network Attached Storage (NAS) devices (with non-default configurations) are vulnerable to attacks that would exploit a three-year-old critical PHP vulnerability allowing remote code execution.  [...]
Bleepingcomputer 8 Jun 2022 296 Views

MEGA fixes critical flaws that allowed the decryption of user data

MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form.  [...]
Bleepingcomputer 8 Jun 2022 282 Views

New SVCReady malware loads from Word doc properties

A previously unknown malware loader named SVCReady has been discovered in phishing attacks, featuring an unusual way of loading the malware from Word documents onto compromised machines.  [...]
Bleepingcomputer 8 Jun 2022 1284 Views

New ‘DogWalk’ Windows zero-day bug gets free unofficial patches

Free unofficial patches for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT) have been released today through the 0patch platform.  [...]
Bleepingcomputer 8 Jun 2022 1255 Views

Mandiant: “No evidence” we were hacked by LockBit ransomware

American cybersecurity firm Mandiant is investigating LockBit ransomware gang's claims that they hacked the company's network and stole data. [...]
Bleepingcomputer 7 Jun 2022 1227 Views

Microsoft's new 'autopatch' service for Windows PC just took another step forwards

Microsoft has rolled out the public preview of Windows Autopatch, potentially a much easier way for admins to handle Patch Tuesday. [...]
ZDNet 7 Jun 2022 1264 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY