Microsoft Azure AD flaw can lead to account takeover
Researchers have found a flaw in Microsoft Azure AD which they claim can be used to take over accounts that rely on pre-established trust. Researchers…
Latest Cybersecurity News — Page 5465
View all →
CISA adds recently disclosed Apple flaws to its Known Exploited Vulnerabilities catalogSecurity Affairs
U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)…
The Week in Ransomware – June 23rd 2023
It was a relatively quiet week regarding ransomware news, with the BlackCat ransomware gang extorting Reddit and the ongoing MOVEit Transfer data breaches being the…
Chinese Espionage Malware Targets European Healthcare via USB Drives
It all started when an employee attending an Asian conference unknowingly introduced malware to their organization in Europe by sharing a presentation with a colleague…
VMware fixed five memory corruption issues in vCenter ServerSecurity Affairs
VMware addressed multiple memory corruption vulnerabilities in vCenter Server that can be exploited to achieve remote code execution. VMware released security updates to five memory…
University of Manchester confirms data theft in recent cyberattack
Image: Ax Sharma The University of Manchester finally confirmed that attackers behind a cyberattack disclosed in early June had stolen data belonging to alums and…
CISA orders agencies to patch iPhone bugs abused in spyware attacks
Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones via iMessage zero-click exploits. The…
Patched OpenSSH Exploited for IoT, Linux Cryptomining
Apart from cryptomining, the campaign also involves hijacking SSH credentials, hiding malicious SSH connections, and more. Microsoft researchers have discovered a new cryptojacking campaign that…
ICO under fire for taking limited action over serious data breaches
Lawyers and data protection experts have criticised the Information Commissioner’s Office (ICO) for limiting its enforcement action against Thames Valley Police (TVP) and the Ministry…
CISA Tells US Agencies to Patch Exploited Roundcube, VMware Flaws
The US government’s cybersecurity agency CISA on Thursday added another batch of security flaws to its Known Exploited Vulnerabilities (KEV) catalog and urged federal agencies…
FBI seizes BreachForums after arresting its owner Pompompurin in March
U.S. law enforcement today seized the clear web domain of the notorious BreachForums (aka Breached) hacking forum three months after apprehending its owner Conor Fitzpatrick…
Hack networks via Fortinet FortiNAC by sending specially crafted requests to the tcp/1050 service
This problem arises as the importance of cybersecurity around the globe continues to grow. The security architecture of our network is under continual attack, and…