Security
Headlines
HeadlinesLatestCVEs

Tag

#dell

Microsoft Issues Patches for 121 Flaws, Including Zero-Day Under Active Attack

As many as 121 new security flaws were patched by Microsoft as part of its Patch Tuesday updates for the month of August, which also includes a fix for a Support Diagnostic Tool vulnerability that the company said is being actively exploited in the wild. Of the 121 bugs, 17 are rated Critical, 102 are rated Important, one is rated Moderate, and one is rated Low in severity. Two of the issues

The Hacker News
Open in Source
#vulnerability#web#android#windows#google#microsoft#ubuntu#linux#debian#cisco#red_hat#apache#git#oracle#intel#rce#samba#vmware#amd#ibm#dell#zero_day#chrome#sap#The Hacker News
CVE-2022-29083: DSA-2022-186: Dell Client Security Update for Dell Client BIOS

Prior Dell BIOS versions contain an Improper Authentication vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability by bypassing drive security mechanisms in order to gain access to the system.

Summer of exploitation leads to healthcare under fire

Categories: News Categories: Threat Intelligence Tags: Healthcare Tags: Medical Read about trends in cyberattacks in the Healthcare and Medical industry, as well as our recommendations for helping to secure your healthcare organization. (Read more...) The post Summer of exploitation leads to healthcare under fire appeared first on Malwarebytes Labs.

Education hammered by exploits and backdoors in 2021 and 2022

Categories: News Categories: Threat Intelligence Tags: Education Beyond spikes in detections, the education sector has dealt with an onslaught of attacks ranging from spyware and denial of service tools to ransomware. (Read more...) The post Education hammered by exploits and backdoors in 2021 and 2022 appeared first on Malwarebytes Labs.

Twilio Suffers Data Breach After Employees Fall Victim to SMS Phishing Attack

Customer engagement platform Twilio on Monday disclosed that a "sophisticated" threat actor gained "unauthorized access" using an SMS-based phishing campaign aimed at its staff to gain information on a "limited number" of accounts. The social-engineering attack was bent on stealing employee credentials, the company said, calling the as-yet-unidentified adversary "well-organized" and "methodical

All the Data Amazon's Ring Cameras Collect About You

The popular security devices are tracking (and sharing) more than you might think.

CVE-2022-37394: Bug #1981813 “Compute service fails to restart if the vnic_type ...” : Bugs : OpenStack Security Advisory

An issue was discovered in OpenStack Nova before 23.2.2, 24.x before 24.1.2, and 25.x before 25.0.2. By creating a neutron port with the direct vnic_type, creating an instance bound to that port, and then changing the vnic_type of the bound port to macvtap, an authenticated user may cause the compute service to fail to restart, resulting in a possible denial of service. Only Nova deployments configured with SR-IOV are affected.

‘You get respect for owning what happened’ – SolarWinds’ CISO on the legacy and lessons of Sunburst

Security chief counts new build system and greater intel sharing among positive legacies of watershed cyber-attack

Ways Hackers Can Steal Information from Your Device

By Owais Sultan The advent of the digital age is a source of blessing in a way that makes life easier… This is a post from HackRead.com Read the original post: Ways Hackers Can Steal Information from Your Device

Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware

Cybersecurity researchers have reiterated similarities between the latest iteration of the LockBit ransomware and BlackMatter, a rebranded variant of the DarkSide ransomware strain that closed shop in November 2021. The new version of LockBit, called LockBit 3.0 aka LockBit Black, was released in June 2022, launching a brand new leak site and what's the very first ransomware bug bounty program,