Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Apple and Google Just Patched Their First Zero-Day Flaws of the Year

Plus: Google fixes dozens of Android bugs, Microsoft rolls out nearly 50 patches, Mozilla squashes 15 Firefox flaws, and more.

Wired
Open in Source
#vulnerability#web#android#mac#windows#apple#google#microsoft#cisco#rce#auth#zero_day#chrome#firefox#sap#ssl
Microsoft Teams External Access Abuses to Spread DarkGate Malware

By Waqas Threat actors are exploiting Microsoft Teams' External Access feature to spread DarkGate malware through chats. This is a post from HackRead.com Read the original post: Microsoft Teams External Access Abuses to Spread DarkGate Malware

Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives

A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of São Paulo, Santa Catarina, Pará, Goiás, and Mato Grosso. Slovak cybersecurity firm ESET, which provided additional

WS_FTP Server 5.0.5 Denial Of Service

WS_FTP Server version 5.0.5 remote denial of service exploit.

China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz

The China-based threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRT-CTI, which said the activities took place in November 2023 and January 2024 after artifacts in connection with the attacks were uploaded to the

Apple warns of “privacy and security threats” after EU requires it to allow sideloading

To comply with the EU's Digital Markets Act, Apple will allow European iPhone owners to install apps obtained from outside the official App store.

Excessive Expansion Vulnerabilities Leave Jenkins Servers Open to Attacks

By Deeba Ahmed The vulnerabilities stem from the way Jenkins handles user-supplied data. This is a post from HackRead.com Read the original post: Excessive Expansion Vulnerabilities Leave Jenkins Servers Open to Attacks

New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility

Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month. "The new version of Zloader made significant changes to the loader

Congratulations to the Top MSRC 2023 Q4 Security Researchers!

Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2023 Q4 Security Researcher Leaderboard are Yuki Chen, Wei, VictorV! Check out the full list of researchers recognized this quarter here.