Stealthy Flax Typhoon hackers use LOLBins to evade detection
Microsoft has identified a new hacking group it now tracks as Flax Typhoon that argets government agencies and education, critical manufacturing,...
Read more →Category: Bleeping Computer
Leaseweb is restoring ‘critical’ systems after security breach
Leaseweb, one of the world’s largest cloud and hosting providers, notified people that it’s working on restoring “critical” systems disabled...
Read more →
Kroll data breach exposes info of FTX, BlockFi, Genesis creditors
Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in...
Read more →
FBI warns of patched Barracuda ESG appliances still being hacked
The Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw...
Read more →
Ransomware hackers dwell time drops to 5 days, RDP still widely used
Ransomware threat actors are spending less time on compromised networks before security solutions sound the alarm. In the first half of...
Read more →
Jupiter X Core WordPress plugin could let hackers hijack sites
Two vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow...
Read more →
Last call for mWISE, the security conference for frontline practitioners.
We’re down to the final weeks of registration for mWISE, the highly targeted, community-focused cybersecurity conference from Mandiant, now part...
Read more →
New Whiffy Recon malware uses WiFi to triangulate your location
Cybercriminals behind the Smoke Loader botnet are using a new piece of malware called Whiffy Recon to triangulate the location...
Read more →
New Windows updates cause UNSUPPORTED_PROCESSOR blue screens
Microsoft says the August 2023 preview updates released this week for Windows 11 and Windows 10 systems are causing blue...
Read more →
Exploit released for Ivanti Sentry bug abused as zero-day in attacks
Proof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code...
Read more →
Hackers use public ManageEngine exploit to breach internet org
The North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho’s ManageEngine ServiceDesk...
Read more →
Lapsus$ teen hackers convicted of high-profile cyberattacks
A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole...
Read more →