Ongoing Microsoft Azure account hijacking campaign targets executives
A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives.…
Category: Bleeping Computer
Roundcube email server bug now exploited in attacks
CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. The security flaw (CVE-2023-43770) is…
Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor
Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on…
Free Rhysida ransomware decryptor for Windows exploits RNG flaw
South Korean researchers have publicly disclosed an encryption flaw in the Rhysida ransomware encryptor, allowing the creation of a Windows decryptor to recover files for…
Ransomware attack forces 18 Romanian hospitals to go offline
At least 18 hospitals in Romania were knocked offline after a ransomware attack took down their healthcare management system. The Hipocrate Information System (HIS) used by…
ExpressVPN bug has been leaking some DNS requests for years
ExpressVPN has removed the split tunneling feature from the latest version of its software after finding that a bug exposed the domains users were visiting…
Raspberry Robin malware evolves with early access to Windows exploits
Recent versions of the Raspberry Robin malware are stealthier and implement one-day exploits that are deployed only on systems that are susceptible to them. One-day exploits refer…
UK to replace physical biometric immigration cards with e-visas
By 2025, Britain is set to ditch physical immigration status documents such as Biometric Residence Permits (BRPs) and Biometric Residence Cards (BRCs) in a bid…
Americans lost record $10 billion to fraud in 2023, FTC warns
The U.S. Federal Trade Commission (FTC) says Americans lost over $10 billion to scammers in 2023, marking a 14% increase in reported losses compared to…
New Fortinet RCE bug is actively exploited, CISA confirms
CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday. The flaw (CVE-2024-21762) is due…
Canada to ban the Flipper Zero to stop surge in car thefts
The Canadian government plans to ban the Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars. The Flipper…
Outlook clients not syncing over Exchange ActiveSync
Microsoft warned Outlook for Microsoft 365 users that clients might have issues connecting to email servers via Exchange ActiveSync after a January update. Exchange ActiveSync…