News
-
"Microsoft Patches One Critical and One Zero-Day Vulnerability"Microsoft recently revealed updates for 51 vulnerabilities, only one of which was rated "critical." Microsoft noted that the bug, CVE-2024-30080, is a remote code execution (RCE) flaw in Microsoft Message Queuing (MSMQ) and has been assigned a CVSS sco -
"Phishing Emails Abuse Windows Search Protocol to Push Malicious Scripts"In a new phishing campaign, HTML attachments abusing the Windows Search protocol are used to push batch files hosted on remote servers that deliver malware. -
"Easily Exploitable Critical Vulnerabilities Found in Open Source AI/ML Tools"A new Protect AI report delves into a dozen critical vulnerabilities in open source Artificial Intelligence (AI) and Machine Learning (ML) tools discovered in recent months. -
"Feds Saw More Cyberattacks but Better Detection Last Year, FISMA Report Says"A Federal Information Security Modernization Act (FISMA) report recently issued to Congress found that federal agencies saw a nearly 10 percent increase in cyberattacks in 2023, but they also improved their detection and categorization. -
"Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters"Researchers warn of a cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. -
"Panera Warns of Employee Data Breach After March Ransomware Attack"Panera Bread is starting to notify employees of a data breach after unknown threat actors stole their sensitive personal information in a March ransomware attack. -
"Ascension Attack Caused by Employee Downloading Malicious File"Ascension has recently revealed that a ransomware gang gained access to its systems after an employee accidently downloaded a malicious file. -
"Life360 Says Hacker Tried to Extort Them After Tile Data Breach"Safety and location services company Life360 has recently announced that it was the target of an extortion attempt after a threat actor breached and stole sensitive information from a Tile customer support platform. -
"New Attack Technique 'Sleepy Pickle' Targets Machine Learning Models"A new hybrid Machine Learning (ML) model exploitation technique called "Sleepy Pickle" has highlighted the Pickle format's security risks. -
"Chinese Hackers Leveraging 'Noodle RAT' Backdoor"According to a new Trend Micro report, a backdoor in Executable and Linkable Format (ELF) files used by Chinese hackers has been incorrectly identified as a variant of existing malware for years. -
"Ukrainian Cyber Police Identify Suspected LockBit and Conti Member"Police in Kyiv have recently identified a 28-year-old man suspected of working with big-name Russian ransomware groups to make their malware undetectable. -
"Can Science Make It Too Costly for Hackers to Attempt to Steal Information?"Hackers could gain access to website servers, bypassing the security feature that locks users out after three incorrect password entries.