Security News

Filter by:

Exploit released for Atlassian Confluence RCE bug, patch now

Proof-of-concept exploits for the actively exploited critical CVE-2022-26134 vulnerability impacting Atlassian Confluence and Data Center servers have been widely released this weekend. [...]
Bleepingcomputer 6 Jun 2022 1302 Views

Evasive phishing mixes reverse tunnels and URL shortening services

Security researchers are seeing an uptick in the use of reverse tunnel services along with URL shorteners for large-scale phishing campaigns, making the malicious activity more difficult to stop. [...]
Bleepingcomputer 5 Jun 2022 1223 Views

FluBot Android Spyware Taken Down in Global Law Enforcement Operation

An international law enforcement operation involving 11 countries has culminated in the takedown of a notorious mobile malware threat called FluBot.
The Hacker News 2 Jun 2022 420 Views

Hundreds of Elasticsearch databases targeted in ransom attacks

Hackers have targeted poorly secured Elasticsearch databases and replaced 450 indexes with ransom notes asking for $620 to restore contents, amounting to a total demand of $279,000.
Bleeping Computer 2 Jun 2022 438 Views

New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email

A new unpatched security vulnerability has been disclosed in the open-source Horde Webmail client that could be exploited to achieve remote code execution on the email server simply by sending a specially crafted email to a victim.
The Hacker News 2 Jun 2022 370 Views

New Windows Search zero-day added to Microsoft protocol nightmare

A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by launching a Word document.
Bleeping Computer 2 Jun 2022 462 Views

Hackers steal WhatsApp accounts using call forwarding trick

There’s a trick that allows attackers to hijack a victim’s WhatsApp account and gain access to personal messages and contact list.
Bleeping Computer 1 Jun 2022 1036 Views

Over 3.6 million MySQL servers found exposed on the Internet

​Over 3.6 million MySQL servers are publicly exposed on the Internet and responding to queries, making them an attractive target to hackers and extortionists. [...]
Bleepingcomputer 1 Jun 2022 330 Views

New Microsoft Office zero-day used in attacks to execute PowerShell

Security researchers have discovered a new Microsoft Office zero-day vulnerability that is being used in attacks to execute malicious PowerShell commands via Microsoft Diagnostic Tool (MSDT) simply by opening a Word document.
Bleepingcomputer 31 May 2022 647 Views

New XLoader botnet uses probability theory to hide its servers

Threat analysts have spotted a new version of the XLoader botnet malware that uses probability theory to hide its command and control servers, making it difficult to disrupt the malware's operation. [...]
Bleepingcomputer 31 May 2022 459 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY