Unpatched Zimbra flaw under attack is letting hackers backdoor servers
The flaw has been under attack since at least early September. Enlarge (credit: Jeremy Brooks / Flickr) An unpatched code-execution vulnerability in the Zimbra Collaboration software is under active exploitation by attackers u.....»»
Chinese hack of US ISPs shows why Apple is right about backdoors for law enforcement
It was revealed this weekend that Chinese hackers managed to access systems run by three of the largest internet service providers (ISPs) in the US. What’s notable about the attack is that it compromised security backdoors deliberately created t.....»»
BreachLock Attack Surface Analytics strengthens enterprise CTEM capabilities
BreachLock strengthens continuous threat exposure management (CTEM) capabilities for enterprise customers with its new Attack Surface Analytics feature. Time is of the essence when Fortune 500 security teams find themselves waking up to a Code Red vu.....»»
Colleges could benefit from taking a data-driven look at hostility toward Jews on campus
In the year that has passed since the Oct. 7 attack by Hamas on Israel, college campuses have been embroiled in debates about the resulting conflict. A major focus of these debates has been the surge in reports of antisemitic harassment of Jewish stu.....»»
Reports: China hacked Verizon and AT&T, may have accessed US wiretap systems
Chinese hackers were in networks of major ISPs “for months,” WSJ reports. Chinese government hackers penetrated the networks of several large US-based Internet service provide.....»»
Chinese hackers allegedly hit US wiretap systems to hit broadband networks
China put a backdoor on the US’s backdoor and reportedly used it to spy on American citizens......»»
SOC teams are frustrated with their security tools
Security operations center (SOC) practitioners believe they are losing the battle detecting and prioritizing real threats – due to too many siloed tools and a lack of accurate attack signal, according to Vectra AI. They cite a growing distrust in v.....»»
The case for enterprise exposure management
For several years, external attack surface management (EASM) has been an important focus for many security organizations and the vendors that serve them. EASM, attempting to discover the full extent of an organization’s external attack surface and.....»»
Can’t get into Throne and Liberty? New server cap limits may help
As it turns out, the servers were overencumbered. Amazon Games has given them a strength boost......»»
Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: October 2024 Patch Tuesday forecast: Recall can be recalled October arrived, and Microsoft started the month by announcing the release of Windows 11.....»»
Phage cocktail shows promise against drug-resistant bacteria
Researchers have a new battle tactic to fight drug-resistant bacterial infections. Their strategy involves using collections of bacteriophages, viruses that naturally attack bacteria. In a new study, researchers at the University of Chicago Pritzker.....»»
Cybercriminals capitalize on poorly configured cloud environments
Off-the-shelf offensive security tools and poorly configured cloud environments create openings in the attack surface, according to Elastic. Adversaries are utilizing off-the-shelf tools Offensive security tools (OSTs), including Cobalt Strike and Me.....»»
100+ domains seized to stymie Russian Star Blizzard hackers
Microsoft and the US Justice Department have seized over 100 domains used by Star Blizzard, a Russian nation-state threat actor. “Between January 2023 and August 2024, Microsoft observed Star Blizzard target over 30 civil society organizations.....»»
Toyota curbs DEI policy after activist attack over LGBTQ support
Toyota Motor Corp. will refocus DEI programs and halt sponsorship of LGBTQ events......»»
Critical Ivanti Endpoint Manager flaw exploited (CVE-2024-29824)
CVE-2024-29824, an unauthenticated SQL Injection vulnerability in Ivanti Endpoint Manager (EPM) appliances, is being exploited by attackers, the Cybersecurity and Infrastructure Security Agency has confirmed by adding the bug to its Known Exploited V.....»»
Manufacturers are lucrative targets for cybercriminals
Hackers and other bad actors believe manufacturers are behind on security measures and more likely to pay a ransom......»»
Thousands of Zimbra servers attacked following email account compromise
The attacks don't seem to be that effective right now, but a patch should still be installed......»»
Attackers exploit critical Zimbra vulnerability using cc’d email addresses
When successful, attacks install a backdoor. Getting it to work reliably is another matter. Attackers are actively exploiting a critical vulnerability in mail servers sold by Zimb.....»»
Final Fantasy 14 eases its inactivity policy due to Hurricane Helene
Due to Hurricane Helene, Square Enix announced that Final Fantasy 14 players on U.S. servers temporarily won't get their homes demolished......»»
How the Apple Watch saved my life
Have you ever almost died? I did, due to a heart attack at the age of 33. In the years since, here's how the Apple Watch has repeatedly saved my life......»»
Latest Microsoft Office for Mac now available without subscription
Two new subscription-free versions of Office for Mac are now available from Microsoft, with Office Home 2024 costing $149.99. For my money, the standalone versions are by far the best value, letting you buy them once and use them as long as you li.....»»