Veeam warns of critical Backup Enterprise Manager auth bypass bug
Veeam warned customers today to patch a critical security vulnerability that allows unauthenticated attackers to sign into any account via...
Read more →Category: Bleeping Computer
GhostEngine mining attacks kill EDR security using vulnerable drivers
A malicious crypto mining campaign codenamed ‘REF4578,’ has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off...
Read more →
LockBit says they stole data in London Drugs ransomware attack
Today, the LockBit ransomware gang claimed they were behind the April cyberattack on Canadian pharmacy chain London Drugs and is...
Read more →
Bitbucket artifact files can leak plaintext authentication secrets
Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. The issue was...
Read more →
Western Sydney University data breach exposed student data
Western Sydney University (WSU) has notified students and academic staff about a data breach after threat actors breached its Microsoft...
Read more →
Atlassian Bitbucket artifacts can leak plaintext auth secrets
Threat actors were found breaching AWS accounts using authentication secrets leaked as plaintext in Atlassian Bitbucket artifact objects. The issue was...
Read more →
Rockwell Automation warns admins to take ICS devices offline
Rockwell Automation warned customers to disconnect all industrial control systems (ICSs) not designed for online exposure from the Internet due...
Read more →
Google rolls out Chrome fix for empty pages when switching tabs
Google is rolling out a server-side fix for a known issue affecting the Chrome browser that causes webpage content to...
Read more →
GitHub warns of SAML auth bypass flaw in Enterprise Server
GitHub has fixed a maximum severity (CVSS v4 score: 10.0) authentication bypass vulnerability tracked as CVE-2024-4986, which impacts GitHub Enterprise Server (GHES)...
Read more →
Zoom adds post-quantum end-to-end encryption to video meetings
Zoom has announced the global availability of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with Zoom Phone and Zoom Rooms...
Read more →
OmniVision discloses data breach after 2023 ransomware attack
The California-based imaging sensors manufacturer OmniVision is warning of a data breach after the company suffered a Cactus ransomware attack...
Read more →
Critical Fluent Bit flaw impacts all major cloud providers
A critical Fluent Bit vulnerability that can be exploited in denial-of-service and remote code execution attacks impacts all major cloud...
Read more →