Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

The Pakistan-linked threat actor known as SideCopy has been observed leveraging the recent WinRAR security vulnerability in its attacks targeting Indian government entities to deliver various remote access trojans such as AllaKore RAT, Ares RAT, and DRat. Enterprise security firm SEQRITE described the campaign as multi-platform, with the attacks also designed to infiltrate Linux systems with a

The Hacker News
Open in Source
#vulnerability#mac#windows#microsoft#linux#zero_day#The Hacker News
CVE-2023-36409

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2023-36769

Microsoft OneNote Spoofing Vulnerability

Okta Breach Linked to Employee’s Google Account, Affects 134 Customers

By Waqas Some of the most prominent victims of the data breach include Cloudflare, 1Password, and BeyondTrust. This is a post from HackRead.com Read the original post: Okta Breach Linked to Employee’s Google Account, Affects 134 Customers

Scammers Use Fake Ledger App on Microsoft Store to Steal $800,000 in Crypto

By Waqas After a surge of malware on the Google Play Store, is Microsoft also failing to properly vet apps for malware? This is a post from HackRead.com Read the original post: Scammers Use Fake Ledger App on Microsoft Store to Steal $800,000 in Crypto

Persistence – Windows Telemetry

Microsoft has introduced the compatibility telemetry in order to collect usage and performance data about Windows systems. The telemetry tasks are collected via the binary… Continue reading → Persistence – Windows Telemetry

Persistence – Windows Telemetry

Microsoft has introduced the compatibility telemetry in order to collect usage and performance data about Windows systems. The telemetry tasks are collected via the binary… Continue reading → Persistence – Windows Telemetry

October 2023: back to Positive Technologies, Vulristics updates, Linux Patch Wednesday, Microsoft Patch Tuesday, PhysTech VM lecture

Hello everyone! October was an interesting and busy month for me. I started a new job, worked on my open source Vulristics project, and analyzed vulnerabilities using it. Especially Linux vulnerabilities as part of my new Linux Patch Wednesday project. And, of course, analyzed Microsoft Patch Tuesday as well. In addition, at the end of […]

This Cheap Hacking Device Can Crash Your iPhone With Pop-Ups

Plus: SolarWinds is charged with fraud, New Orleans police face recognition has flaws, and new details about Okta’s October data breach emerge.

Threat Roundup for October 27 to November 3

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 27 and Nov. 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key