Unpatched Zimbra flaw under attack is letting hackers backdoor servers
The flaw has been under attack since at least early September. Enlarge (credit: Jeremy Brooks / Flickr) An unpatched code-execution vulnerability in the Zimbra Collaboration software is under active exploitation by attackers u.....»»
Exposed: Russian military Unit 29155 does digital sabotage, espionage
The US Department of Justice has named five Russian computer hackers as members of Unit 29155 – i.e., the 161st Specialist Training Center of the Russian General Staff Main Intelligence Directorate (GRU) – which they deem resposible for t.....»»
Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195)
For the fourth time in the last five months, Apache OFBiz users have been advised to upgrade their installations to fix a critical flaw (CVE-2024-45195) that could lead to unauthenticated remote code execution. About CVE-2024-45195 Apache OFBiz is an.....»»
83% of organizations experienced at least one ransomware attack in the last year
Ransomware is an all-too-common occurrence: 83% of organizations have experienced at least one ransomware attack in the last year, 46% of respondents experienced four or more and 14% indicated they experienced 10 or more. Of those respondents who exp.....»»
Georgia school shooter suspect interviewed by police a year before attack
Georgia school shooter suspect interviewed by police a year before attack.....»»
Bitdefender Security for Creators protects YouTube content creators and influencers from hackers
Bitdefender unveiled Bitdefender Security for Creators, a service specifically designed for digital content producers, online creative professionals and social media influencers who are prime targets for account takeovers, fraud, and other cybercrime.....»»
Viewpoint: In the face of DEI backlash, belonging plays a key role to future success
Diversity, equity and inclusion efforts have become increasingly visible in U.S. workplaces, especially over the past five years. However, DEI has recently come under attack, with companies scaling back their DEI plans......»»
Business routers vulnerable to OS command injection attack
Zyxel fixes a 9.8-severity vulnerability in multiple endpoints......»»
North Korean hackers’ social engineering tricks
“North Korean malicious cyber actors conducted research on a variety of targets connected to cryptocurrency exchange-traded funds (ETFs) over the last several months,” the FBI has warned through a public service announcement. This suggest.....»»
OpenBAS: Open-source breach and attack simulation platform
OpenBAS is an open-source platform that enables organizations to plan, schedule, and execute crisis exercises, adversary simulations, and breach simulations. Compliant with ISO 22398 standards, OpenBAS is built as a modern web application featuring a.....»»
Man indicted on first-degree murder charge in death of Fla. dealership co-worker
Steve Tilbury is accused of fatally striking his co-worker with a metal baseball bat in a premeditated attack......»»
The attack with many names: SMS Toll Fraud
Bad actors leverage premium-rate phone numbers and bots to steal billions of dollars from businesses. In this Help Net Security video, Frank Teruel, CFO at Arkose Labs, discusses how to spot and stop them. The post The attack with many names: SMS Tol.....»»
Critical flaw in Zyxel’s secure routers allows OS command execution via cookie (CVE-2024-7261)
Zyxel has patched a myriad of vulnerabilities in its various networking devices, including a critical one (CVE-2024-7261) that may allow unauthenticated attackers to execute OS commands on many Zyxel access points (APs) and security routers by sendin.....»»
YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel
Sophisticated attack breaks security assurances of the most popular FIDO key. Enlarge (credit: Yubico) The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains.....»»
Fla. dealership employee indicted on first-degree murder charge in death of co-worker
Steve Tilbury is accused of fatally striking his co-worker with a metal baseball bat in a premeditated attack......»»
Fla. dealership employee indicted for first-degree murder in death of co-worker
Steve Tilbury is accused of fatally striking his co-worker with a metal baseball bat in a premeditated attack......»»
City of Columbus sues man after he discloses severity of ransomware attack
Mayor said data was unusable to criminals; researcher proved otherwise. Enlarge (credit: Getty Images) A judge in Ohio has issued a temporary restraining order against a security researcher who presented evidence that a.....»»
Research exposes how repeated information warps our decisions
Imagine the decisions you make every day, such as what to buy, who to trust, or who to vote for, are heavily influenced by a simple yet powerful flaw in your reasoning. Economists at the University of Surrey argue that people are systematically decei.....»»
Many of the biggest websites have opted out of Apple Intelligence training
Generative AI systems are trained by letting them surf the web to scrape content. Apple allows publishers to opt out of its scraping, and a new report says that many of the biggest websites have specifically opted out of Apple Intelligence training......»»
Commercial spyware vendor exploits used by Kremlin-backed hackers, Google says
Findings undercut pledges of NSO Group and Intgellexa their wares won't be abused. Enlarge (credit: Getty Images) Critics of spyware and exploit sellers have long warned that the advanced hacking sold by commercial surve.....»»
Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites
Suspected Russian hackers have been hitting iPhone and Android users visiting government websites with exploits first leveraged by commercial surveillance vendors, Google TAG researchers shared. The watering hole campaigns Between November 2023 and J.....»»