Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Hacker Fails for the Win

Security researchers share their biggest initial screwups in some of their key vulnerability discoveries.

DARKReading
#vulnerability#mac#microsoft#buffer_overflow#zero_day#wifi
Rackspace Incident Highlights How Disruptive Attacks on Cloud Providers Can Be

A ransomware attack on the company's Hosted Exchange environment disrupted email for thousands of mostly small and midsize businesses.

CVE-2022-23491: concerns about Trustcor

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion.

IT Army of Ukraine Hit Russian Banking Giant with Crippling DDoS Attack

By Habiba Rashid The bank confirmed that it had "experienced an unprecedented cyber attack from abroad." This is a post from HackRead.com Read the original post: IT Army of Ukraine Hit Russian Banking Giant with Crippling DDoS Attack

3 xIoT Attacks Companies Aren't Prepared For

A world of increasingly connected devices has created a vast attack surface for sophisticated adversaries.

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive. Other prominent industry verticals targeted include healthcare, governments, manufacturing, retail, and legal services, according to an analysis of leak site data by Palo Alto Networks

How XDR Helps Protect Critical Infrastructure

Critical infrastructure is important for societal existence, growth, and development. Societies are reliant on the services provided by critical infrastructure sectors like telecommunication, energy, healthcare, transportation, and information technology. Safety and security are necessary for the optimal operation of these critical infrastructures. Critical infrastructure is made up of digital

Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities

The China-linked nation-state hacking group referred to as Mustang Panda is using lures related to the ongoing Russo-Ukrainian War to attack entities in Europe and the Asia Pacific. That's according to the BlackBerry Research and Intelligence Team, which analyzed a RAR archive file titled "Political Guidance for the new EU approach towards Russia.rar." Some of the targeted countries include

Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier

A state-sponsored hacking group with links to Russia has been linked to attack infrastructure that spoofs the Microsoft login page of Global Ordnance, a legitimate U.S.-based military weapons and hardware supplier. Recorded Future attributed the new infrastructure to a threat activity group it tracks under the name TAG-53, and is broadly known by the cybersecurity community as Callisto,

For Cyberattackers, Popular EDR Tools Can Turn into Destructive Data Wipers

Microsoft, three others release patches to fix a vulnerability in their respective products that enables such manipulation. Other EDR products potentially are affected as well.