TP-Link smart bulbs can let hackers steal your WiFi password
Researchers from Italy and the UK have discovered four vulnerabilities in the TP-Link Tapo L530E smart bulb and TP-Link’s Tapo app, which could allow attackers…
Category: Bleeping Computer
Sneaky Amazon Google ad leads to Microsoft support scam
A legitimate-looking ad for Amazon in Google search results redirects visitors to a Microsoft Defender tech support scam that locks up their browser. Today, BleepingComputer…
Ongoing Duo outage causes Azure Auth authentication errors
Cisco-owned multi-factor authentication (MFA) provider Duo Security is investigating an ongoing outage that has been causing authentication failures and errors starting three hours ago. The…
Ivanti warns of new actively exploited MobileIron zero-day bug
US-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild. Ivanti Sentry (formerly…
Japanese watchmaker Seiko breached by BlackCat ransomware gang
The BlackCat/ALPHV ransomware gang has added Seiko to its extortion site, claiming responsibility for a cyberattack disclosed by the Japanese firm earlier this month. Seiko…
Hands on with Windows 11’s ‘never combine’ taskbar feature
Windows 11, already a monumental shift in design from its predecessor, continues to evolve. In its upcoming 23H2 release slated for fall, one of the standout…
Hackers use VPN provider’s code certificate to sign malware
The China-aligned APT (advanced persistent threat) group known as ‘Bronze Starlight’ was seen targeting the Southeast Asian gambling industry with malware signed using a valid…
Cuba ransomware uses Veeam exploit against critical U.S. organizations
Image: Midjourney The Cuba ransomware gang was observed in attacks targeting critical infrastructure organizations in the United States and IT firms in Latin America, using…
Google Chrome to warn when installed extensions are malware
Google is testing a new feature in the Chrome browser that will warn users when an installed extension has been removed from the Chrome Web…
Rust devs push back as Serde project ships precompiled binaries
Serde, a popular Rust (de)serialization project, has decided to ship its serde_derive macro as a precompiled binary. The move has generated a fair amount of push back among…
The Week in Ransomware – August 18th 2023
While there was quite a bit of ransomware news this week, the highlighted story was the release of Jon DiMaggio’s third article in the Ransomware…
WinRAR flaw lets hackers run programs when you open RAR archives
A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer…