Security News

Filter by:

Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks

An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution (RCE) functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service (DDoS) botnet. “The payload targets routers and network video recorder (...
The Hacker News 23 Nov 2023 1182 Views

N. Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack

A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack. "This malicious file is a legitimate CyberLink application...
The Hacker News 23 Nov 2023 1030 Views

“ChatGPT with voice” opens up to everyone on iOS and Android

All Android and iOS users can soon tap a headphone icon and start chatting.
Ars Technica 23 Nov 2023 2820 Views

Citrix warns admins to kill NetScaler user sessions to block hackers

Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks. [...]
Bleepingcomputer 22 Nov 2023 1138 Views

New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login

A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops. The flaws were discovered by researchers at hardware and software product security and offensive research firm...
The Hacker News 22 Nov 2023 1009 Views

Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware

Threat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead.
The Hacker News 20 Nov 2023 1174 Views

Exploit for CrushFTP RCE chain released, patch now

A proof-of-concept exploit was publicly released for a critical remote code execution vulnerability in the CrushFTP enterprise suite, allowing unauthenticated attackers to access files on the server, execute code, and obtain plain-text passwords.
Bleeping Computer 20 Nov 2023 1145 Views

【香肉騙案】騙徒借賣「香肉」誘載毒app 9月至今騙逾114萬元

近日有專頁發帖聲稱出售「香肉」,附圖配以卡通狗隻圖案,惹來各界質疑出售狗肉及批評。警方接獲漁農自然護理...
Cyware News 20 Nov 2023 187 Views

Microsoft confirms Copilot AI assistant coming to Windows 10

Microsoft will roll out the Copilot AI-powered assistant to Windows 10 systems enrolled in the Insider Program over the coming months. [...]
Bleepingcomputer 17 Nov 2023 1228 Views

MySQL servers targeted by 'Ddostf' DDoS-as-a-Service botnet

MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is rented to other cybercriminals. [...]
Bleepingcomputer 17 Nov 2023 1148 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY