Tag: security
CISA is now warning government agencies to patch Ivanti flaws immediately
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning government agencies to patch recently discovered Ivanti flaws immediately, as they’re being used in the wild to compromise vulnerable endpoints. CISA’s alert warns Federal Civilian Executive Branch (FCEB) agencies of two flaws: CVE-2023-46805 (authentication bypass), and CVE-2024-21887 (code injection). The…
Read More
BreachForums hacking forum admin sentenced to 20 years supervised release
The owner and administrator of BreachForums, an infamous underground forum where hackers shared stolen data, malware, and other tools, has received his sentence.. In the Eastern District of Virginia, Conor Brian Fitzpatrick, alias Pompompurin was sentenced to time served, plus 20 years of supervised release, BleepingComputer reports. The first two…
Read More
Chinese hackers quietly exploited a VMware zero-day for two years
Chinese state-sponsored hackers known as UNC3886 have been abusing a zero-day vulnerability in VMware and Fortinet devices for years, experts have revealed. A report from Mandiant claims the group used the flaw to deploy malware, steal credentials, and ultimately exfiltrate sensitive data. The flaw in question is tracked as CVE-2023-34048.…
Read More
Microsoft says it was hit by Russian hackers who wanted to know its secrets
Russian state-sponsored threat actors targeted Microsoft late last year, and managed to steal some sensitive information from certain highly-positioned individuals including senior executives, the company has confirmed. It is not known exactly how many emails were accessed, but Microsoft did say that compromised accounts, included those belonging to members of…
Read More
YouTube stream-jacking attacks are becoming more dangerous
So-called stream-jacking attacks are advancing at a worrying pace, according to new research from Bitdefender. The cybersecurity firm claims that is has been keeping an eye on the trend since October 2023, as high-profile YouTube accounts were hijacked “to conduct a myriad of crypto doubling scams.” However, Bitdefender says this…
Read More
MacOS devices are being targeted by pirated apps that want to hijack your machine
Cybersecurity researchers from Jamf Threat Labs have uncovered a new piece of malware targeting macOS users. The malware, though unnamed, shares many similarities with another malicious piece of code discovered in 2021, called ZuRu. In a detailed report, the researchers said the malware was found hiding in three separate, pirated…
Read More