Chinese hackers fail to rebuild botnet after FBI takedown
Chinese Volt Typhoon state hackers failed to revive a botnet recently taken down by the FBI, which was previously used in attacks targeting critical infrastructure across…
Category: Bleeping Computer
How to Apply Zero Trust to your Active Directory
In the past, many organizations chose to trust users and devices within their secure perimeters. This is no longer possible, with workers spread out geographically…
No, 3 million electric toothbrushes were not used in a DDoS attack
Update added below with Fortinet’s statement confirming our reporting. A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial…
Critical Cisco bug exposes Expressway gateways to CSRF attacks
Cisco has patched several vulnerabilities affecting its Expressway Series collaboration gateways, two of them rated as critical severity and exposing vulnerable devices to cross-site request…
Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure
Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet’s SIEM solution. Fortinet added the two…
Chinese hackers hid in US infrastructure network for 5 years
The Chinese Volt Typhoon cyber-espionage group infiltrated a critical infrastructure network in the United States and remained undetected for at least five years before being…
Facebook ads push new Ov3r_Stealer password-stealing malware
A new password-stealing malware named Ov3r_Stealer is spreading through fake job advertisements on Facebook, aiming to steal account credentials and cryptocurrency. The fake job ads…
Denmark orders schools to stop sending student data to Google
The Danish data protection authority (Datatilsynet) has issued an injunction regarding student data being funneled to Google through the use of Chromebooks and Google Workspace…
Google tests blocking side-loaded Android apps with risky permissions
Google has launched a new pilot program to fight financial fraud by blocking the sideloading of Android APK files that request access to risky permissions.…
The unlikely 3 million electric toothbrush DDoS attack
A widely reported story that 3 million electric toothbrushes were hacked with malware to conduct distributed denial of service (DDoS) attacks is likely a hypothetical…
Critical flaw in Shim bootloader impacts major Linux distros
A critical vulnerability in the Shim Linux bootloader enables attackers to execute code and take control of a target system before the kernel is loaded,…
Critical FortiSIEM CVEs are duplicates, issued in error
NVD published two advisories this week for critical command injection vulnerabilities purportedly impacting Fortinet’s FortiSIEM products, but there’s more to what meets the eye. BleepingComputer has confirmed…