Poisoned Installers Found In SolarWinds Hackers Toolkit
wiredmikey shares a report from SecurityWeek: The ongoing multi-vendor investigations into the SolarWinds mega-hack took another twist this week with the discovery of new malware artifacts that could be used in future supply chain attacks. According.....»»
Rain Technology Laptop Switchable Privacy protects against visual hackers and snoopers
Rain Technology has introduced Laptop Switchable Privacy. Designed for tier one manufacturers and supply chain providers, the embedded screen technology protects against visual hackers and snoopers for enterprises and consumers — at the office or r.....»»
Research-based toolkit supports neurodiverse children
A new child-centered suite of resources, backed by the latest research, has been launched to support parents and teachers of neurodiverse children......»»
Unpatchable 0-day in surveillance cam is being exploited to install Mirai
Vulnerability is easy to exploit and allows attackers to remotely execute commands. Enlarge (credit: Getty Images) Malicious hackers are exploiting a critical vulnerability in a widely used security camera to spread Mira.....»»
Pioneer Kitten: Iranian hackers partnering with ransomware affiliates
A group of Iranian hackers – dubbed Pioneer Kitten by cybersecurity researchers – is straddling the line between state-contracted cyber espionage group and initial access provider (and partner in crime) for affiliates of several ransomwar.....»»
Diligent NIS2 Compliance Toolkit helps organizations bolster their cybersecurity resilience
Diligent launched its Network and Information Security Directive (NIS2) Compliance Toolkit, designed to help organizations navigate the complexities of the European Union (EU) NIS2 Directive and bolster their cybersecurity resilience. The toolkit map.....»»
How VPNs protect you from governments, thieves, and your boss
Governments, ISPs, and even your employer can watch every online move you make. Here's how the best VPN apps can keep your online life safe.The best VPN for iPhone apps can protect you from governments, hackers, even your employerMany countries openl.....»»
Hackers infect ISPs with malware that steals customers’ credentials
Zero-day that was exploited since June to infect ISPs finally gets fixed. Enlarge (credit: Getty Images) Malicious hackers likely working on behalf of the Chinese government have been exploiting a high-severity zero-day.....»»
Another critical SolarWinds Web Help Desk bug fixed (CVE-2024-28987)
A week after SolarWinds released a fix for a critical code-injection-to-RCE vulnerability (CVE-2024-28986) in Web Help Desk (WHD), another patch for another critical flaw (CVE-2024-28987) in the company’s IT help desk solution has been pushed o.....»»
GitHub Enterprise Server has a critical security flaw, so patch now
A newly discovered security flaw allows hackers to elevate their privileges and thus take over vulnerable endpoints......»»
Toyota confirms data breach after info leaked on cybercrime forum
Carmaker confirms losing hundreds of gigabytes of sensitive customer data to hackers calling themselves ZeroSevenGroup......»»
0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193)
CVE-2024-38193, an actively exploited zero-day that Microsoft patched earlier this month, has been leveraged by North Korean hackers to install a rootkit on targets’ computers, Gen Digital researchers have revealed. About CVE-2024-38193 CVE-202.....»»
Vulnerability in Microsoft apps allowed hackers to spy on Mac users
A vulnerability found in Microsoft apps for macOS allowed hackers to spy on users. Security researchers from Cisco Talos reported in a blog post how the vulnerability could be exploited by attackers and what Microsoft has been doing to fix the explo.....»»
Windows 0-day was exploited by North Korea to install advanced rootkit
FudModule rootkit burrows deep into Windows, where it can bypass key security defenses. Enlarge (credit: Getty Images) A Windows zero-day vulnerability recently patched by Microsoft was exploited by hackers working on be.....»»
Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986)
SolarWinds has fixed a critical vulnerability (CVE-2024-28986) in its Web Help Desk (WHD) solution that may allow attackers to run commands on the host machine. “While it was reported as an unauthenticated vulnerability, SolarWinds has been una.....»»
Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)
Two vulnerabilities (CVE-2024-42219, CVE-2024-42218) affecting the macOS version of the popular 1Password password manager could allow malware to steal secrets stored in the software’s vaults and obtain the account unlock key, AgileBits has con.....»»
5G network flaws could be abused to let hackers spy on your phone
Researchers have developed a tool to sniff out 5G vulnerabilities, and even gain access to a victim's device......»»
An 18-year-old Safari loophole exploited by hackers is finally being fixed by Apple
There’s a pesky loophole lurking in every major browser, including Apple’s Safari, Google Chrome, and Mozilla Firefox, that hackers have been exploiting for the past … The post An 18-year-old Safari loophole exploited by hackers is.....»»
macOS Sequoia to fix exploit that lets hackers access internal networks
Apple and other tech companies are constantly looking for ways to improve the security of their operating systems. Even so, some things go unnoticed. An exploit from 18 years ago is still being actively used by hackers to access internal networks, bu.....»»
Mac and Windows users infected by software updates delivered over hacked ISP
DNS poisoning attack worked even when targets used DNS from Google and Cloudflare. Enlarge (credit: Marco Verch Professional Photographer and Speaker) Hackers delivered malware to Windows and Mac users by compromising th.....»»
Hacked ISP infects users receiving unsecure software updates
DNS poisoning attack worked even when targets used DNS from Google and Cloudflare. Enlarge (credit: Marco Verch Professional Photographer and Speaker) Hackers delivered malware to Windows and Mac users by compromising th.....»»