-
Breached hacking forum shuts down, fears it's not 'safe' from FBI
The notorious Breached hacking forum has shut down after the remaining administrator, Baphomet, disclosed that they believe law enforcement has access to the site's servers.
- March 21, 2023
- 12:20 PM
1
-
Thousands of Citrix servers vulnerable to patched critical flaws
Thousands of Citrix ADC and Gateway deployments remain vulnerable to two critical-severity security issues that the vendor fixed in recent months.
- December 28, 2022
- 12:28 PM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
Severe AMI MegaRAC flaws impact servers from AMD, ARM, HPE, Dell, others
Three vulnerabilities in the American Megatrends MegaRAC Baseboard Management Controller (BMC) software impact server equipment used in many cloud service and data center providers.
- December 05, 2022
- 10:07 AM
- 0
-
New Redigo malware drops stealthy backdoor on Redis servers
A new Go-based malware threat that researchers call Redigo has been targeting Redis servers vulnerable to CVE-2022-0543 to plant a stealthy backdoor and allow command execution.
- December 01, 2022
- 01:45 PM
- 0
-
Microsoft updates mitigation for ProxyNotShell Exchange zero days
Microsoft has updated the mitigation for the latest Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, also referred to ProxyNotShell.
- October 05, 2022
- 08:58 AM
- 0
-
Ransomware gang's Cobalt Strike servers DDoSed with anti-Russia messages
Someone is flooding Cobalt Strike servers operated by former members of the Conti ransomware gang with anti-Russian messages to disrupt their activity.
- September 07, 2022
- 09:09 AM
- 4
-
Thousands of hackers flock to 'Dark Utilities' C2-as-a-Service
Security researchers found a new service called Dark Utilities that provides an easy and inexpensive way for cybercriminals to set up a command and control (C2) center for their malicious operations.
- August 04, 2022
- 03:00 PM
- 0
-
Privacy protection agency seizes servers of hacked travel company
The Privacy Protection Authority in Israel seized servers hosting multiple travel booking websites because their operator failed to address security issues that enabled data breaches affecting more than 300,000 individuals.
- July 03, 2022
- 03:34 PM
- 0
-
Over 3.6 million MySQL servers found exposed on the Internet
Over 3.6 million MySQL servers are publicly exposed on the Internet and responding to queries, making them an attractive target to hackers and extortionists.
- May 31, 2022
- 04:02 PM
- 0
-
Karakurt revealed as data extortion arm of Conti cybercrime syndicate
After breaching servers managed by the cybercriminals, security researchers found a connection between Conti ransomware and the recently emerged Karakurt data extortion group, showing that the two gangs are part of the same operation.
- April 15, 2022
- 09:28 AM
- 2
-
Microsoft: Secured-core servers help prevent ransomware attacks
Microsoft says the first Secured-core certified Windows Server and Microsoft Azure Stack HCI devices are now available to protect customers' networks from security threats, including ransomware attacks.
- December 08, 2021
- 02:25 PM
- 0
-
AMD fixes dozens of Windows 10 graphics driver security bugs
AMD has fixed a long list of security vulnerabilities found in its graphics driver for Windows 10 devices, allowing attackers to execute arbitrary code and elevate privileges on vulnerable systems.
- November 11, 2021
- 01:13 PM
- 0
-
Canonical launches Ubuntu 21.10 for desktop and server
The latest version of the world's most popular Linux distribution, Ubuntu 21.10, codenamed 'Impish Indy', has landed on Canonical's download channels.
- October 15, 2021
- 03:58 AM
- 1
-
NSA warns of wildcard certificate risks, provides mitigations
The U.S. National Security Agency (NSA) is warning of the dangers stemming from the use of broadly-scoped certificates to authenticate multiple servers in an organization. These include a recently disclosed ALPACA technique that could be used for various traffic redirect attacks.
- October 12, 2021
- 02:23 AM
- 0
-
Kaseya patches Unitrends server zero-days, issues client mitigations
American software company Kaseya has issued a security updates to patch server side Kaseya Unitrends vulnerabilities found by security researchers at the Dutch Institute for Vulnerability Disclosure (DIVD).
- August 26, 2021
- 11:10 AM
- 0
-
Linux version of BlackMatter ransomware targets VMware ESXi servers
The BlackMatter gang has joined the ranks of ransomware operations to develop a Linux encryptor that targets VMware's ESXi virtual machine platform.
- August 05, 2021
- 05:32 PM
- 0
-
Lakehead University shuts down campus network after cyberattack
Canadian undergraduate research university Lakehead has been dealing with a cyberattack that forced the institution earlier this week to cut off access to its servers.
- February 21, 2021
- 12:01 PM
- 0
-
Critical bug actively used to deploy Cobalt Strike on Oracle servers
Threat actors are actively exploiting vulnerable Oracle WebLogic servers unpatched against CVE-2020-14882 to deploy Cobalt Strike beacons to gain persistent remote access to compromised devices.
- November 05, 2020
- 12:55 PM
- 0
-
Oracle issues emergency patch for critical WebLogic Server flaw
Oracle issued an out-of-band security update over the weekend to address a critical remote code execution (RCE) vulnerability impacting multiple Oracle WebLogic Server versions.
- November 02, 2020
- 02:06 PM
- 0
-
Critical Oracle WebLogic flaw actively targeted in attacks
Threat actors have started to hunt for servers running Oracle WebLogic instances vulnerable to a critical flaw that allows taking control of the system with little effort and no authentication.
- October 29, 2020
- 08:07 AM
- 0
