New Research Exposes Major SaaS Vulnerabilities
Feb 15, 2024The Hacker NewsSaaS Security / Risk Management With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications,…
Category: TheHackerNews
Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
Feb 15, 2024NewsroomThreat Intelligence / Vulnerability Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in…
Bumblebee Malware Returns with New Tricks, Targeting U.S. Businesses
Feb 14, 2024NewsroomMalware / Cybercrime The infamous malware loader and initial access broker known as Bumblebee has resurfaced after a four-month absence as part of…
Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyberattacks
Feb 14, 2024NewsroomArtificial Intelligence / Cyber Attack Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence (AI) and large…
Ubuntu ‘command-not-found’ Tool Could Trick Users into Installing Rogue Packages
Feb 14, 2024NewsroomSoftware Security / Vulnerability Cybersecurity researchers have found that it’s possible for threat actors to exploit a well-known utility called command-not-found to recommend…
DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability
Feb 14, 2024NewsroomZero-Day / Financial Sector Security A newly disclosed security flaw in the Microsoft Defender SmartScreen has been exploited as a zero-day by an…
Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days
Feb 14, 2024NewsroomPatch Tuesday / Vulnerability Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday…
PikaBot Resurfaces with Streamlined Code and Deceptive Tactics
Feb 13, 2024NewsroomCyber Threat / Malware The threat actors behind the PikaBot malware have made significant changes to the malware in what has been described…
Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit
Feb 13, 2024NewsroomCryptocurrency / Rootkit The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another…
Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know
Feb 13, 2024The Hacker NewsSaaS Security / Data Breach The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS…
Ivanti Vulnerability Exploited to Install ‘DSLog’ Backdoor on 670+ IT Infrastructures
Feb 13, 2024NewsroomVulnerability / Cyber Threat Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to…
Alert: CISA Warns of Active ‘Roundcube’ Email Attacks
Feb 13, 2024NewsroomVulnerability / Email Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software…