Microsoft confirms China link to SharePoint hacks
Microsoft has revealed that Chinese state threat actors are actively targeting and exploiting a highly-dangerous new zero-day vulnerability in SharePoint Server, confirming earlier reports from…
Latest Cybersecurity News — Page 1743
View all →
Microsoft sees China-backed nation-state hackers among adversaries targeting SharePoint
Microsoft on Tuesday said it has identified two experienced Chinese government-backed threat groups exploiting a recently disclosed vulnerability in its SharePoint servers. The groups, which…
Microsoft SharePoint zero-day attacks pinned on China-linked ‘Typhoon’ threat groups
Microsoft said two China nation-state threat groups and a separate attacker based in China are exploiting the zero-day vulnerabilities that first caused havoc to SharePoint…
Interlock Ransomware With Double Extortion Tactics Attacking Windows and Linux Systems
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, Department of Health and Human Services, and Multi-State Information Sharing and Analysis Center have issued an urgent…
ETQ Reliance RCE Flaw Grants Full SYSTEM Access with a Single Space
Hexagon ETQ’s Java-based quality management system, ETQ Reliance, has several serious flaws, according to a new security research revelation by Assetnote. The software, which facilitates…
Microsoft pins on-prem SharePoint attacks on Chinese threat actors
As Microsoft continues to update its customer guidance for protecting on-prem SharePoint servers against the latest in-the-wild attacks, more security firms have begun sharing details…
Dwindling federal cyber support for critical infrastructure raises alarms
Listen to the article 11 min This audio is auto-generated. Please let us know if you have feedback. As the U.S. government prepares to decrease…
Maximum-severity ISE RCE flaws now exploited in attacks
Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. Although…
Threat Actors Allegedly Selling macOS 0-day LPE Exploit on Hacker Forums
A threat actor known as “skart7” is allegedly offering a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system for sale on a…
Threat Actors Target Linux SSH Servers to Deploy SVF Botnet
AhnLab Security Intelligence Center (ASEC) has been actively tracking cyber threats exploiting vulnerable Linux servers through strategically deployed honeypots, with SSH services using weak credentials…
Startup takes personal data stolen by malware and sells it on to other companies
A tech startup is using personal data stolen by infostealer malware that it has found on the dark web, and then selling access to that…
Credential Theft and Remote Access Surge as AllaKore, PureRAT, and Hijack Loader Proliferate
Mexican organizations are still being targeted by threat actors to deliver a modified version of AllaKore RAT and SystemBC as part of a long-running campaign.…