Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

LightSpy Spyware's macOS Variant Found with Advanced Surveillance Capabilities

Cybersecurity researchers have disclosed that the LightSpy spyware allegedly targeting Apple iOS users is in fact a previously undocumented macOS variant of the implant. The findings come from both Huntress Labs and ThreatFabric, which separately analyzed the artifacts associated with the cross-platform malware framework that likely possesses capabilities to infect Android, iOS, Windows, macOS,

The Hacker News
Open in Source
#ios#android#mac#windows#apple#The Hacker News
Hotel Kiosks Vulnerability Exposed Guest Data, Room Access

A security vulnerability in Ariane Allegro Hotel Check-In Kiosks exposed guest data and potentially compromised room access. However,…

Microsoft’s Recall Feature Is Even More Hackable Than You Thought

A new discovery that the AI-enabled feature’s historical data can be accessed even by hackers without administrator privileges only contributes to the growing sense that the feature is a “dumpster fire.”

GHSA-hrw6-wg82-cm62: Jupyter server on Windows discloses Windows user password hash

### Summary Jupyter Server on Windows has a vulnerability that lets unauthenticated attackers leak the NTLMv2 password hash of the Windows user running the Jupyter server. An attacker can crack this password to gain access to the Windows machine hosting the Jupyter server, or access other network-accessible machines or 3rd party services using that credential. Or an attacker perform an NTLM relay attack without cracking the credential to gain access to other network-accessible machines.

Trojan.Win32.DarkGateLoader MVID-2024-0685 Code Execution

Multiple variants of Trojan.Win32.DarkGateLoader malware suffer from a code execution vulnerability.

The sliding doors of misinformation that come with AI-generated search results

AI’s integration into search engines could change the way many of us interact with the internet.

Crimson Palace: Chinese Hackers Steal Military Secrets Over 2 Years

Sophos uncovers “Operation Crimson Palace, a long-term cyberespionage effort targeting a Southeast Asian government. Learn how attackers used…

Husband stalked ex-wife with seven AirTags, indictment says

A husband, now indicted, allegedly used seven Apple AirTags to stalk his ex-wife over a period of several weeks. His trial begins this month.

Microsoft Recall snapshots can be easily grabbed with TotalRecall tool

A worried researcher has created a tool to demonstrate exactly how much of a security backdoor Microsoft is creating with Recall.

Easily integrate Secrets Management System with Ansible Automation Platform to update systems passwords

Changing systems passwords is a common task that all systems administrators must do to keep up with all the latest security policies. Now with secrets being managed by the secrets management system, we need a way to integrate with that to keep and manage all the secrets safe while updating the systems passwords in a secure, safe and automated way to stay compliant with all the rules and regulations.Red Hat Ansible Automation Platform makes this easy; there are so many ready-made playbook examples available to update any managed platform, such as Linux, Windows and many network devices. ht