Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack
The U.S. Department of Homeland Security’s Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack,…
Category: Bleeping Computer
Hosting firm’s VMware ESXi servers hit by new SEXi ransomware
Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted…
Omni Hotels confirms cyberattack behind ongoing IT outage
Omni Hotels & Resorts has confirmed a cyberattack caused a nationwide IT outage that is still affecting its locations. In response to this incident, Omni…
SurveyLama data breach exposes info of 4.4 million users
Data breach alerting service Have I Been Pwned (HIBP) warns that SurveyLama suffered a data breach in February 2024, which exposed the sensitive data of…
Jackson County in state of emergency after ransomware attack
Jackson County, Missouri, is in a state of emergency after a ransomware attack took down some county services on Tuesday. “Jackson County has confirmed a…
AT&T faces lawsuits over data breach affecting 73 million customers
AT&T is facing multiple class-action lawsuits following the company’s admission to a massive data breach that exposed the sensitive data of 73 million current and…
Google fixes one more Chrome zero-day exploited at Pwn2Own
Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. Tracked as…
US State Department investigates alleged theft of government data
The U.S. Department of State is investigating claims of a cyber incident after a threat actor leaked documents allegedly stolen from a government contractor. Acuity,…
Critical flaw in LayerSlider WordPress plugin impacts 1 million sites
A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates…
Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks
IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways. Unauthenticated attackers can exploit…
Winnti’s new UNAPIMON tool hides malware from security software
The Chinese ‘Winnti’ hacking group was found using a previously undocumented malware called UNAPIMON to let malicous processes run without being detected. Winnti, also known…
Microsoft warns Gmail blocks some Outlook email as spam, shares fix
Microsoft has confirmed that some Outlook.com users are experiencing issues with emails being blocked and marked as spam when trying to email Gmail accounts. This…