Attackers are slowly abandoning malicious macros
Malicious macro-enabled documents as vehicles for email-based malware delivery are being used less and less, Proofpoint researchers have noticed. Threat actors are switching to email attachments using Windows Shortcut (LNK) files and container file f.....»»
Navy captains don’t like abandoning ship—but with Starliner, the ship left them
"As the commander or pilot of your spacecraft, you don’t want to see it go off without you." Enlarge / NASA astronauts Butch Wilmore and Suni Williams wave to their families, friends, and NASA officials on their way to the laun.....»»
Adobe Acrobat Reader has a serious security flaw — so patch now
A bug allows threat actors to launch malicious code on Acrobat Reader remotely, and it's already being used in the wild......»»
Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)
Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers to remotely execute code in the context of the vulnerable system, and use i.....»»
Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes
September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, CVE-2024-43461) exploited by attackers in the wild, and a Windows 10 code defect (C.....»»
Veeam Backup & Replication RCE flaw may soon be leveraged by ransomware gangs (CVE-2024-40711)
CVE-2024-40711, a critical vulnerability affecting Veeam Backup & Replication (VBR), could soon be exploited by attackers to steal enterprise data. Discovered and reported by Code WHite researcher Florian Hauser, the vulnerability can be leveraged fo.....»»
Sharks are abandoning stressed coral reefs in warming oceans, study finds
Gray reef sharks are having to abandon the coral reefs they call home in the face of warming oceans, new research finds......»»
Phishing in focus: Disinformation, election and identity fraud
The frequency of phishing attacks is rising as attackers increasingly utilize AI to execute more scams than ever before. In this Help Net Security video, Abhilash Garimella, Head Of Research at Bolster, discusses how phishing scams are now being host.....»»
AI cybersecurity needs to be as multi-layered as the system it’s protecting
Cybercriminals are beginning to take advantage of the new malicious options that large language models (LLMs) offer them. LLMs make it possible to upload documents with hidden instructions that are executed by connected system components. This is a b.....»»
Found: 280 Android apps that use OCR to steal cryptocurrency credentials
Optical Character Recognition converts passwords shown in images to machine-readable text. Enlarge (credit: Getty Images) Researchers have discovered more than 280 malicious apps for Android that use optical character re.....»»
Respotter: Open-source Responder honeypot
Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query. Respotter lev.....»»
North Korean hackers’ social engineering tricks
“North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a public service announcement. This suggest.....»»
Vulnerability allows Yubico security keys to be cloned
Researchers have unearthed a cryptographic vulnerability in popular Yubico (FIDO) hardware security keys and modules that may allow attackers to clone the devices. But the news is not as catastrophic as it may seem at first glance. “The attacke.....»»
Research explores whether "everything as a service" will live up to its great expectations
It's no secret that the composition of the American economy is changing. As the manufacturing sector continues to decline, the balance is slowly tipping even further away from goods and towards services. In line with this larger trend, many firms hav.....»»
International team discovers unusual mortality rates in surgeonfishes
An international team of researchers led by an assistant professor from the University of Guam discovered that while most surgeonfishes mature quickly and die young, some develop slowly and live for several decades. The studies are published in Revie.....»»
Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by sendin.....»»
Have a mechanical keyboard? You need this free app
Mechanical keyboards can start to slowly fail over time, but this free app makes the troubleshooting process much easier......»»
A macro look at the most pressing cybersecurity risks
Forescout’s 2024H1 Threat Review is a new report that reviews the current state of vulnerabilities, threat actors, and ransomware attacks in the first half of 2024 and compares them to H1 2023. “Attackers are looking for any weak point to bre.....»»
Why ransomware attackers target Active Directory
Ransomware attacks have surged 78% year-over-year, affecting various sectors and organizations and significantly impacting supply chains. In this Help, Net Security video, Craig Birch, Technology Evangelist, and Principal Security Engineer at Cayosof.....»»
Unpatchable 0-day in surveillance cam is being exploited to install Mirai
Vulnerability is easy to exploit and allows attackers to remotely execute commands. Enlarge (credit: Getty Images) Malicious hackers are exploiting a critical vulnerability in a widely used security camera to spread Mira.....»»
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)
Organizations using Fortra’s FileCatalyst Workflow are urged to upgrade their instances, so that attackers can’t access an internal HSQL database by exploiting known static credentials (CVE-2024-6633). “Once logged in to the HSQLDB,.....»»