LibreOffice, OpenOffice Bug Allows Hackers To Spoof Signed Docs
LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. Although the severity of the flaw is classified as moderate, the implica.....»»
Nation-state hackers exploit Cisco firewall 0-days to backdoor government networks
Perimeter devices ought to prevent network hacks. Why are so many devices allowing attacks? Enlarge (credit: Getty Images) Hackers backed by a powerful nation-state have been exploiting two zero-day vulnerabilities in Ci.....»»
The best resume templates for Google Docs
Use Google Docs resume templates to ensure Applicant Tracking Software compliance when you're applying for jobs......»»
Biden signs TikTok bill into law as Chinese firm threatens legal action
President Biden has now formally signed the bill that means TikTok owner ByteDance must sell the platform, or face being banned in the US from 2025.TikTok could be banned in the US from 2025As expected following the Senate's passing of the combinatio.....»»
Hackers are using developing countries for ransomware practice
Businesses in Africa, Asia, and South America hit before moving on to Western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia, and Sout.....»»
Hackers are carrying out ransomware experiments in developing countries
Businesses in Africa, Asia, and South America hit before moving on to western targets. Enlarge (credit: Getty Images) Cyber attackers are experimenting with their latest ransomware on businesses in Africa, Asia and South.....»»
Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)
For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a launcher.....»»
Hackers infect users of antivirus service that delivered updates over HTTP
eScan AV updates were delivered over HTTP for five years. Enlarge (credit: Getty Images) Hackers abused an antivirus service for five years in order to infect end users with malware. The attack worked because the service.....»»
Windows vulnerability reported by the NSA exploited to install Russian malware
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now. Enlarge (credit: Getty Images) Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attack.....»»
Biden signs bill criticized as “major expansion of warrantless surveillance”
FISA renewal requires more service providers to cooperate with government. Enlarge (credit: Getty Images | Yuichiro Chino) Congress passed and President Biden signed a reauthorization of Title VII of the Foreign Intellig.....»»
Windows vulnerability reported by the NSA exploited to install Russian backdoor
Microsoft didn't disclose the in-the-wild exploits by Kremlin-backed group until now. Enlarge (credit: Getty Images) Kremlin-backed hackers have been exploiting a critical Microsoft vulnerability for four years in attack.....»»
Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate
Since June 2023, Sophos X-Ops has discovered 19 junk gun ransomware variants — cheap, independently produced, and crudely constructed — on the dark web. The developers of these junk gun variants are attempting to disrupt the traditional affiliate.....»»
Damn Vulnerable RESTaurant: Open-source API service designed for learning
Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game. “I wanted to create a generic playground for ethical hackers, developer.....»»
Cisco Duo provider breached, SMS MFA logs compromised
Hackers have managed to compromise a telephony provider for Duo, the Cisco-owned company providing secure access solutions, and steal MFA (multi-factor authentication) SMS message logs of Duo customers. About the attack The unnamed provider – o.....»»
Why the US government’s overreliance on Microsoft is a big problem
Microsoft continues to get a free pass after series of cybersecurity failures. Enlarge (credit: Joan Cros via Getty) When Microsoft revealed in January that foreign government hackers had once again breached its systems,.....»»
Cisco Duo says a third-party data breach stole MFA SMS logs
Hackers stole Cisco Duo customers' phone numbers, and the company is warning of possible incoming smishing attacks......»»
Change Healthcare faces another ransomware threat—and it looks credible
Hackers already received a $22 million payment. Now a second group demands money. Enlarge (credit: iStock / Getty Images Plus) For months, Change Healthcare has faced an immensely messy ransomware debacle that has left h.....»»
“Highly capable” hackers root corporate networks by exploiting firewall 0-day
No patch yet for unauthenticated code-execution bug in Palo Alto Networks firewall. Enlarge (credit: Getty Images) Highly capable hackers are rooting multiple corporate networks by exploiting a maximum-severity zero-day.....»»
Zscaler extends zero trust SASE and eliminates the need for firewall-based segmentation
Zscaler has signed an agreement to acquire Airgap Networks. Combining Zscaler’s zero trust SD-WAN and Airgap Networks’ agentless segmentation technology will transform how enterprises implement zero trust segmentation to IoT/OT devices, and criti.....»»
Rise in corporate Mac use invites more sophisticated hacking
Hackers are developing more complex, cross-platform tactics to take advantage of the ever increasing Mac user base, and the latest targets the TCC framework.The Mac's increasing popularity is a blessing and a curseThe Mac's reputation for strong secu.....»»
Elon Musk’s X botched an attempt to replace “twitter.com” links with “x.com”
Automatic text replacement let users spoof URLs ending in x, like netflix.com. Enlarge / An X sign at company headquarters in San Francisco. (credit: Getty Images | Bloomberg) Elon Musk's clumsy brand shift from Twitter.....»»