Security News

Filter by:

BlackBasta Ransomware Brand Picks Up Where Conti Left Off

New analysis says law enforcement efforts against Russian-language ransomware-as-a-service (RaaS) infrastructure helped consolidate influence behind BlackBasta, but some experts aren't so sure the brand means that much.
Dark Reading 26 Nov 2024 1487 Views

North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn

The North Korea-linked threat actor known as Sapphire Sleet is estimated to have stolen more than $10 million worth of cryptocurrency as part of social engineering campaigns orchestrated over a six-month period. These findings come from Microsoft, which said that multiple threat activity...
The Hacker News 23 Nov 2024 5804 Views

QNAP pulls buggy QTS firmware causing widespread NAS issues

​QNAP has pulled a recently released firmware update after widespread customer reports that it's breaking connectivity and, in some cases, locking users out of their devices. [...]
Bleepingcomputer 23 Nov 2024 1609 Views

Over 2,000 Palo Alto firewalls hacked using recently patched bugs

Hackers have already compromised thousands of Palo Alto Networks firewalls in attacks exploiting two recently patched zero-day vulnerabilities.
Bleeping Computer 22 Nov 2024 1641 Views

It's Near-Unanimous: AI, ML Make the SOC Better

Efficiency is the name of the game for the security operations center — and 91% of cybersecurity pros say AI and ML are winning that game.
Dark Reading 21 Nov 2024 1548 Views

MITRE shares 2024's top 25 most dangerous software weaknesses

MITRE has shared this year's top 25 list of the most common and dangerous software weaknesses behind more than 31,000 vulnerabilities disclosed between June 2023 and June 2024. [...]
Bleepingcomputer 21 Nov 2024 1489 Views

D-Link urges users to retire VPN routers impacted by unfixed RCE flaw

D-Link is warning customers to replace end-of-life VPN router models after a critical unauthenticated, remote code execution vulnerability was discovered that will not be fixed on these devices. [...]
Bleepingcomputer 20 Nov 2024 1440 Views

Oracle warns of Agile PLM file disclosure flaw exploited in attacks

Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. [...]
Bleepingcomputer 20 Nov 2024 1414 Views

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client that steal credentials. [...]
Bleepingcomputer 19 Nov 2024 1564 Views

Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added CVE-2024-1212 (CVSS score...
The Hacker News 19 Nov 2024 5993 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY