A ‘!password20231#’ password may not be as complex as you think
Modern IT system administrators know the importance of maintaining a strong password policy. In this article, we'll explore the evolution...
cybersecurity
Android Minecraft clones with 35M downloads infect users with adware
A set of 38 Minecraft copycat games on Google Play infected devices with the Android adware 'HiddenAds' to stealthily load...
Microsoft: Clop and LockBit ransomware behind PaperCut server hacks
Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to...
Thousands of Apache Superset servers exposed to RCE attacks
Apache Superset is vulnerable to authentication bypass and remote code execution at default configurations, allowing attackers to potentially access and...
Chinese hackers use new Linux malware variants for espionage
Hackers are deploying new Linux malware variants in cyberespionage attacks, such as a new PingPull variant and a previously undocumented...
Google disrupts the CryptBot info-stealing malware operation
Google is taking down malware infrastructure linked to the Cryptbot info stealer after suing those using it to infect Google Chrome users...
PrestaShop fixes bug that lets any backend user delete databases
The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to...
Cisco discloses XSS zero-day flaw in server management tool
Cisco disclosed today a zero-day vulnerability in the company's Prime Collaboration Deployment (PCD) software that can be exploited for cross-site...
Tencent QQ users hacked in mysterious malware attack, says ESET
A Chinese APT hacking group known as 'Evasive Panda' is linked to a mysterious attack that distributed the MsgBot malware as...
Clop, LockBit ransomware gangs behind PaperCut server attacks
Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to...
Ukrainian arrested for selling data of 300M people to Russians
The Ukrainian cyber police have arrested a 36-year-old man from the city of Netishyn for selling the personal data and...
VMware fixes critical zero-day exploit chain used at Pwn2Own
VMware has released security updates to address zero-day vulnerabilities that could be chained to gain code execution systems running unpatched...
New SLP bug can lead to massive 2,200x DDoS amplification attacks
A new reflective Denial-of-Service (DoS) amplification vulnerability in the Service Location Protocol (SLP) allows threat actors to launch massive denial-of-service...
TP-Link Archer WiFi router flaw exploited by Mirai malware
The Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability tracked as CVE-2023-1389 to incorporate...
Yellow Pages Canada confirms cyber attack as Black Basta leaks data
Yellow Pages Group, a Canadian directory publisher has confirmed to BleepingComputer that it has been hit by a cyber attack. Black...
Microsoft 365 search outage affects Outlook, Teams, and SharePoint
Microsoft is investigating an ongoing issue preventing some customers from using the search functionality across multiple Microsoft 365 services. The...
KuCoin’s Twitter account hacked to promote crypto scam
KuCoin's Twitter account was hacked, allowing attackers to promote a fake giveaway scam that led to the theft of over...
Intel CPUs vulnerable to new transient execution side-channel attack
A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the...
VirusTotal now has an AI-powered malware analysis feature
VirusTotal announced on Monday the launch of a new artificial intelligence-based code analysis feature named Code Insight. The new feature...
Exploit released for PaperCut flaw abused to hijack servers, patch now
Attackers are exploiting severe vulnerabilities in the widely-used PaperCut MF/NG print management software to install Atera remote management software to...
APC warns of critical unauthenticated RCE flaws in UPS software
APC's Easy UPS Online Monitoring Software is vulnerable to unauthenticated arbitrary remote code execution, allowing hackers to take over devices...
Hackers can breach networks using data on resold corporate routers
Enterprise-level network equipment on the secondary market hide sensitive data that hackers could use to breach corporate environments or to...
Decoy Dog malware toolkit found after analyzing 70 billion DNS queries
A new enterprise-targeting malware toolkit called ‘Decoy Dog’ has been discovered after inspecting anomalous DNS traffic that is distinctive from...
GitHub now allows enabling private vulnerability reporting at scale
GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging...
