JumpCloud resets admin API keys amid ‘ongoing incident’
JumpCloud, a US-based enterprise software firm is notifying several customers of an “ongoing incident.” As a caution, the company has invalidated existing admin API keys…
Category: Bleeping Computer
Cisco warns of bug that lets attackers break traffic encryption
Cisco warned customers today of a high-severity vulnerability impacting some data center switch models and allowing attackers to tamper with encrypted traffic. Tracked as CVE-2023-20185,…
Over 130,000 solar energy monitoring systems exposed online
Security researchers are warning that tens of thousands of photovoltaic (PV) monitoring and diagnostic systems are reachable over the public web, making them potential targets…
New StackRot Linux kernel flaw allows privilege escalation
Technical information has emerged for a serious vulnerability affecting multiple Linux kernel versions that could be triggered with “minimal capabilities.” The security issue is being…
Microsoft fixes bug behind Windows LSA protection warnings, again
Microsoft is again pushing a Defender Antivirus update (first issued in April and pulled in May) that fixes a known issue triggering Windows Security warnings…
New tool exploits Microsoft Teams bug to send malware to users
A member of U.S. Navy’s red team has published a tool called TeamsPhisher that leverages an unresolved security issue in Microsoft Teams to bypass restrictions for…
Police arrest suspect linked to notorius OPERA1ER cybercrime gang
Law enforcement has detained a suspect believed to be a key member of the OPERA1ER cybercrime group, which has targeted mobile banking services and financial…
Japan’s largest port stops operations after ransomware attack
The Port of Nagoya, the largest and busiest port in Japan, has been targeted in a ransomware attack that currently impacts the operation of container…
Google Analytics data transfer to U.S. brings $1 million fine to Swedish firms
The Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten – IMY) has fined two companies with 12.3 million SEK (€1 million/$1.1 million) for using Google Analytics and…
New Python tool checks NPM packages for manifest confusion issues
A security researcher and system administrator has developed a tool that can help users check for manifest mismatches in packages from the NPM JavaScript software…
Microsoft denies data breach, theft of 30 million customer accounts
Microsoft has denied the claims of the so-called hacktivists “Anonymous Sudan” that they breached the company’s servers and stole credentials for 30 million customer accounts.…
Hackers target European government entities in SmugX campaign
A phishing campaign that security researchers named SmugX and attributed to a Chinese threat actor has been targeting embassies and foreign affairs ministries in the…