Unpatched Zimbra flaw under attack is letting hackers backdoor servers
The flaw has been under attack since at least early September. Enlarge (credit: Jeremy Brooks / Flickr) An unpatched code-execution vulnerability in the Zimbra Collaboration software is under active exploitation by attackers u.....»»
Meta testing Face ID-like video selfie to recover your Instagram or Facebook account
Meta is testing facial recognition as a way of letting you instantly recover your Instagram or Facebook account if you find yourself locked out. The process of submitting a video selfie looks much the same as that used to register for Face ID, requir.....»»
Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)
Attackers have exploited an XSS vulnerability (CVE-2024-37383) in the Roundcube Webmail client to target a governmental organization of a CIS country, Positive Technologies (PT) analysts have discovered. The vulnerability was patched in May 2024, in.....»»
The masked madness has only begun in the eerie teaser for The Strangers: Chapter 2
After surviving the cabin attack, Maya is still on the run from the masked intruders in the teaser for The Strangers: Chapter 2......»»
Teen surfer survives shark attack in Brevard County: "Could have been so much worse"
Teen surfer survives shark attack in Brevard County: "Could have been so much worse".....»»
Jacksonville Sheriff calls banner flown about him ‘hateful;’ councilman says it was ‘racist attack’
Jacksonville Sheriff calls banner flown about him ‘hateful;’ councilman says it was ‘racist attack’.....»»
Israeli orgs targeted with wiper malware via ESET-branded emails
Attackers have tried to deliver wiper malware to employees at organizations across Israel by impersonating cybersecurity company ESET via email. The phishing email The attack took the form of a phishing email ostensibly sent by the “Eset Advanc.....»»
Security Bite: Hackers are now directing users to Terminal to bypass Gatekeeper in macOS Sequoia
9to5Mac Security Bite is exclusively brought to you by Mosyle, the only Apple Unified Platform. Making Apple devices work-ready and enterprise-safe is all we do. Our unique integrated approach to management and security combines state-of-the-art App.....»»
Connected vehicles and chargers use AI to combat hackers, improve customer experience
More than half of vehicles sold globally are connected, according to McKinsey & Co., and that is forecast to rise to 95 percent by the end of the decade. That connectivity gives hackers more targets......»»
Israel-Iran and the nine stages of how conflicts can escalate and get out of control
Tensions are running high in the Middle East. The murderous attack by Hamas on Israel on October 7 2023 kicked off a spiral of violence in the region. That has culminated, a year later, in Israel mounting a ground invasion of Lebanon. The invasion, w.....»»
North Korean hackers use newly discovered Linux malware to raid ATMs
Once, FASTCash ran only on Unix. Then came Windows. Now it can target Linux, too. In the beginning, North Korean hackers compromised the banking infrastructure running AIX, IBM’.....»»
Spotify criticized for letting fake albums appear on real artist pages
Real bands struggle to remove fake albums from their Spotify pages. This fall, thousands of fake albums were added to Spotify, with some appearing on real artist pages, where they.....»»
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it&.....»»
CISOs’ strategies for managing a growing attack surface
In this Help Net Security interview, Rickard Carlsson, CEO at Detectify, discusses the evolution of attack surface management in the context of remote work and digital transformation. Carlsson highlights the challenges CISOs face today, including mai.....»»
Hackers take control of robovacs and use them to yell slurs
An attack using Ecovacs robot vacuums seems more mischievous than anything else, but it's still unsettling for those affected......»»
Data loss incidents impact patient care
92% of healthcare organizations experienced at least one cyber attack in the past 12 months, an increase from 88% in 2023, with 69% reporting disruption to patient care as a result, according to Proofpoint. Healthcare organizations struggle to mitiga.....»»
You can thank ROM hackers for Backyard Baseball’s comeback
Backyard Baseball's return to modern PCs may look like a simple case of emulation, but it was much more complicated than that......»»
Internet Archive data breach exposes 31M users; under DDoS attack
An Internet Archive data breach has been confirmed by the organisation, which has also been suffering Distributed Denial-of-Service (DDoS) attacks. The home of the Wayback Machine was previously attacked back in May. At this point, it’s being su.....»»
ESET updates Vulnerability and Patch Management module
ESET released its updated ESET Vulnerability and Patch Management module. With the new update, ESET V&PM has expanded to support Linux1 (desktops and servers), as well as macOS2 devices, covering broader parts of a business’ ecosystem. The V&PM.....»»
Tidal Cyber empowers organizations to improve their protection efforts
Tidal Cyber announced that it now incorporates test results from Breach and Attack Simulation (BAS) tools and other sources to complement the company’s existing Threat-Informed Defense capabilities. With this new integration, Tidal Cyber Enterprise.....»»
Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409)
If you run a self-managed GitLab installation with configured SAML-based authentication and you haven’t upgraded it since mid-September, do it now, because security researchers have published an analysis of CVE-2024-45409 and an exploit script.....»»