QNAP patches second zero-day exploited at Pwn2Own to get root
QNAP has released security patches for a second zero-day bug exploited by security researchers during last week’s Pwn2Own hacking contest....
Read more →Category: Bleeping Computer
North Korean govt hackers linked to Play ransomware attack
The North Korean state-sponsored hacking group tracked as ‘Andariel’ has been linked to the Play ransomware operation, using the RaaS...
Read more →
Android malware “FakeCall” now reroutes bank calls to attackers
A new version of the FakeCall malware for Android hijacks outgoing calls from a user to their bank, redirecting them...
Read more →
Hackers steal 15,000 cloud credentials from exposed Git config files
A large-scale malicious operation named “EmeraldWhale” scanned for exposed Git configuration files to steal over 15,000 cloud account credentials from...
Read more →
Upcoming U.S. general election fuel multiple fraud schemes
The Federal Bureau of Investigation (FBI) is warning of multiple schemes taking advantage of the upcoming U.S. general election to...
Read more →
Massive PSAUX ransomware attack targets 22,000 CyberPanel instances
Over 22,000 CyberPanel instances exposed online to a critical remote code execution (RCE) vulnerability were mass-targeted in a PSAUX ransomware...
Read more →
New Windows Themes zero-day gets free, unofficial patches
Free unofficial patches are now available for a new Windows Themes zero-day vulnerability that allows attackers to steal a target’s...
Read more →
QNAP fixes NAS backup software zero-day exploited at Pwn2Own
QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during...
Read more →
Russian charged by U.S. for creating RedLine infostealer malware
The United States announced charges today against Maxim Rudometov, a Russian national, for being the suspected developer and administrator of...
Read more →
New tool bypasses Google Chrome’s new cookie encryption system
A researcher has released a tool to bypass Google’s new App-Bound encryption cookie-theft defenses and extract saved credentials from the...
Read more →
Exchange Online adds Inbound DANE with DNSSEC for everyone
Microsoft announced today that inbound SMTP DANE with DNSSEC for Exchange Online, a new capability to boost email security and...
Read more →
Russia targets Ukrainian conscripts with Windows, Android malware
A hybrid espionage/influence campaign conducted by the Russian threat group ‘UNC5812’ has been uncovered, targeting Ukrainian military recruits with Windows...
Read more →