Norway says Ivanti zero-day was used to hack govt IT systems
The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti’s Endpoint Manager Mobile (EPMM) solution to breach a software…
Category: Bleeping Computer
Microsoft Sharepoint outage caused by use of wrong TLS certificate
Microsoft Sharepoint and OneDrive for Business were briefly interrupted today after a German TLS certificate was mistakenly added to the main .com domains for the…
Ivanti patches MobileIron zero-day bug exploited in attacks
US-based IT software company Ivanti has patched an actively exploited zero-day vulnerability impacting its Endpoint Manager Mobile (EPMM) mobile device management software (formerly MobileIron Core). Ivanti…
Zenbleed attack leaks sensitive data from AMD Zen2 processors
Google’s security researcher Tavis Ormandy discovered a new vulnerability impacting AMD Zen2 CPUs that could allow a malicious actor to steal sensitive data, such as…
Lazarus hackers hijack Microsoft IIS servers to spread malware
The North Korean state-sponsored Lazarus hacking group is breaching Windows Internet Information Service (IIS) web servers to hijack them for malware distribution. IIS is Microsoft’s…
How is the Dark Web Reacting to the AI Revolution?
A quick search for “ChatGPT” on the dark web and Telegram shows 27,912 mentions in the past six months. Much has been written about the…
Apple fixes new zero-day used in attacks against iPhones, Macs
Apple has released security updates to address zero-day vulnerabilities exploited in attacks targeting iPhones, Macs, and iPads. “Apple is aware of a report that this…
Flipper Zero now has its own app store for iOS, Android users
The Flipper Zero team has launched its very own ‘Flipper Apps’ mobile app store, allowing mobile users to install 3rd-party apps and extend the functionality…
JumpCloud hack linked to North Korea after OPSEC mistake
A hacking unit of North Korea’s Reconnaissance General Bureau (RGB) was linked to the JumpCloud breach after the attackers made an operational security (OPSEC) mistake,…
Microsoft shares fix for some Outlook hyperlinks not opening
Microsoft shared a workaround for Outlook Desktop blocking attempts to open IP address or fully qualified domain name (FQDN) hyperlinks after installing this month’s security…
Norwegian government IT systems hacked using zero-day flaw
The Norwegian government is warning that its ICT platform used by 12 ministries has suffered a cyberattack after hackers exploited a zero-day vulnerability in third-party…
Windows 11 23H2 update coming this fall, here’s what’s new
As Microsoft prepares for the imminent rollout of Windows 11 23H2, they’ve been developing various innovative features designed to improve user experience, streamline workflows, and…