Microsoft expands free logging capabilities after May breach
Microsoft has expanded free logging capabilities for all Purview Audit standard customers, including U.S. federal agencies, six months after disclosing...
Read more →Category: Bleeping Computer
Joomla fixes XSS flaws that could expose sites to RCE attacks
Five vulnerabilities have been discovered in the Joomla content management system that could be leveraged to execute arbitrary code on...
Read more →
Fraudsters tried to scam Apple out of 5,000 iPhones worth over $3 million
Two Chinese nationals face 20 years in prison after being caught and convicted of submitting over 5,000 fake iPhones worth...
Read more →
US govt shares cyberattack defense tips for water utilities
CISA, the FBI, and the Environmental Protection Agency (EPA) shared a list of defense measures U.S. water utilities should implement...
Read more →
ScreenConnect critical bug now under attack as exploit code emerges
Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its...
Read more →
US offers $15 million bounty for info on LockBit ransomware gang
The U.S. State Department is now also offering rewards of up to $15 million to anyone who can provide information...
Read more →
Critical infrastructure software maker confirms ransomware attack
PSI Software SE, a German software developer for complex production and logistics processes, has confirmed that the cyber incident it disclosed...
Read more →
Ransomware Groups, Targeting Preferences, and the Access Economy
How do ransomware groups pick their targets? It’s a rhetorical question: in the vast majority of cases they don’t. Ransomware-as-a-service...
Read more →
Signal rolls out usernames that let you hide your phone number
End-to-end encrypted messaging app Signal finally allows users to pick custom usernames to connect with others while protecting their phone number...
Read more →
New Migo malware disables protection features on Redis servers
Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called ‘Migo’...
Read more →
VoltSchemer attacks use wireless chargers to inject voice commands, fry phones
A team of academic researchers show that a new set of attacks called ‘VoltSchemer’ can inject voice commands to manipulate a smartphone’s...
Read more →
VMware urges admins to remove deprecated, vulnerable auth plug-in
VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain...
Read more →