Category: Bleeping Computer

Codesys
11
Aug
2023

Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws

Millions of PLC (programmable logic controllers) used in industrial environments worldwide are at risk to 15 vulnerabilities in the CODESYS…

Amazon AWS
11
Aug
2023

Amazon AWS withdraws Moq sponsorship amid data collection controversy

Amazon AWS has dropped sponsorship support for open source project Moq after the project drew sharp criticism for its quiet addition of data…

Lapsus$ hackers paid telco employee $20,000 per week for SIM-swaps
11
Aug
2023

Lapsus$ hackers took SIM-swapping attacks to the next level

The U.S. government released a report after analyzing simple techniques, e.g. SIM swapping, used by the Lapsus$ extortion group to…

RapperBot DDoS malware adds cryptojacking as new revenue stream
10
Aug
2023

Gafgyt malware exploits five-years-old flaw in EoL Zyxel router

Fortinet has issued an alert warning that the Gafgyt botnet malware is actively trying to exploit a vulnerability in the…

Microsoft Exchange
10
Aug
2023

Microsoft Exchange updates pulled after breaking non-English installs

Microsoft has pulled Microsoft Exchange Server’s August security updates from Windows Update after finding they break Exchange on non-English installs. On…

Bouncer
10
Aug
2023

MoustachedBouncer hackers use AiTM attacks to spy on diplomats

Image: Midjourney A cyberespionage group named ‘MoustachedBouncer’ has been observed using adversary-in-the-middle (AitM) attacks at ISPs to hack foreign embassies…

Barracuda
10
Aug
2023

New Whirlpool backdoor used in Barracuda ESG hacks

Image: Midjourney The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has discovered a new backdoor malware named ‘Whirlpool’ used in…

Malware
10
Aug
2023

Exploring the Stealer Log Lifecycle

The first seven months of 2023 have seen a continued rapid evolution of the cybercrime ecosystem. Ransomware data exfiltration attacks,…

Key
10
Aug
2023

Dell Compellent hardcoded key exposes VMware vCenter admin creds

An unfixed hardcoded encryption key flaw in Dell’s Compellent Integration Tools for VMware (CITV) allows attackers to decrypt stored vCenter…

Bitcoin
09
Aug
2023

New BitForge cryptocurrency wallet flaws lets hackers steal crypto

Image: Midjourney Multiple zero-day vulnerabilities named ‘BitForge’ in the implementation of widely used cryptographic protocols like GG-18, GG-20, and Lindell…

Hacker monitoring monitors
09
Aug
2023

Hackers use open source Merlin post-exploitation toolkit in attacks

Ukraine is warning of a wave of attacks targeting state organizations using ‘Merlin,’ an open-source post-exploitation and command and control…

Data theft
09
Aug
2023

Missouri warns that health info was stolen in IBM MOVEit data breach

Missouri’s Department of Social Services warns that protected Medicaid healthcare information was exposed in a data breach after IBM suffered…