Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims

A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest the threat actor behind the operations. The encryption key has also been shared with Avast,

The Hacker News
#microsoft#cisco#intel#auth#The Hacker News
Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities

Microsoft has addressed a total of 48 security flaws spanning its software as part of its Patch Tuesday updates for January 2024. Of the 48 bugs, two are rated Critical and 46 are rated Important in severity. There is no evidence that any of the issues are publicly known or under active attack at the time of release, making it the second consecutive Patch Tuesday with no zero-days. The

Microsoft starts off new year with relatively light Patch Tuesday, no zero-days

One of the critical vulnerabilities patched Tuesday is CVE-2024-20674, a security bypass vulnerability in the Windows Kerberos authentication protocol.

New decryptor for Babuk Tortilla ransomware variant released

Cisco Talos obtained executable code capable of decrypting files affected by the Babuk Tortilla ransomware variant, allowing Talos to extract and share the private decryption key used by the threat actor.

Explained: SMTP smuggling

Researchers have found flaws in the way SMTP servers handle messages, allowing them to send spoofed emails to and from targets.

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies

Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the targets was susceptible to supply chain and island-hopping attacks, which the attack group

Facebook introduces another way to track you – Link History

Facebook has announced it will roll out a new option called Link History to mobile users around the world. What does that mean?

SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails

A new exploitation technique called Simple Mail Transfer Protocol (SMTP) smuggling can be weaponized by threat actors to send spoofed emails with fake sender addresses while bypassing security measures. "Threat actors could abuse vulnerable SMTP servers worldwide to send malicious emails from arbitrary email addresses, allowing targeted phishing attacks," Timo Longin, a senior security

Google Kubernetes Engine Vulnerabilities Could Allow Cluster Takeover

By Deeba Ahmed An attacker with access to a Kubernetes cluster could chain two vulnerabilities in Google Kubernetes Engine (GKE) to escalate privileges and take over the cluster. This is a post from HackRead.com Read the original post: Google Kubernetes Engine Vulnerabilities Could Allow Cluster Takeover

Hackers Attack UK’s Nuclear Waste Services Through LinkedIn

By Deeba Ahmed LinkedIn users, especially employees managing pages for large corporations, must remain vigilant as the platform has become a lucrative target for cybercriminals and state-backed hackers. This is a post from HackRead.com Read the original post: Hackers Attack UK’s Nuclear Waste Services Through LinkedIn