Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices.
Notices by BleepingComputer (bleepingcomputer@infosec.exchange)
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Tuesday, 13-Feb-2024 02:25:03 JST BleepingComputer
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Monday, 12-Feb-2024 21:42:31 JST BleepingComputer
At least 18 hospitals in Romania were knocked offline after a ransomware attack took down their healthcare management system.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Saturday, 10-Feb-2024 06:04:48 JST BleepingComputer
CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Friday, 09-Feb-2024 05:54:07 JST BleepingComputer
Car maker Hyundai Motor Europe suffered a Black Basta ransomware attack, with the threat actors claiming to have stolen three terabytes of corporate data.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Friday, 09-Feb-2024 03:02:04 JST BleepingComputer
The U.S. State Department offers rewards of up to $10 million for information that could help locate, identify, or arrest members of the Hive ransomware gang.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Monday, 05-Feb-2024 03:53:20 JST BleepingComputer
Microsoft is bringing the Linux 'sudo' feature to Windows Server 2025, offering a new way for admins to elevate privileges for console applications.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Wednesday, 31-Jan-2024 08:26:58 JST BleepingComputer
Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation (LPE) vulnerability in the GNU C Library (glibc).
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Tuesday, 30-Jan-2024 07:47:02 JST BleepingComputer
Keenan & Associates is sending notices of a data breach to 1.5 million customers, warning that hackers accessed their personal information in a recent cyberattack.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Friday, 26-Jan-2024 04:33:18 JST BleepingComputer
Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the Trickbot malware used in attacks against hospitals, companies, and individuals worldwide.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Saturday, 20-Jan-2024 22:57:27 JST BleepingComputer
Meta seems to be falling short of effectively tackling fake Instagram profiles even when there are sufficient signs to indicate that a profile is misusing someone else's photos and identity.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Saturday, 20-Jan-2024 02:41:55 JST BleepingComputer
A Chinese hacking group has been exploiting a critical vCenter Server vulnerability (CVE-2023-34048) as a zero-day since at least late 2021.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Thursday, 18-Jan-2024 00:53:49 JST BleepingComputer
A new vulnerability dubbed 'LeftoverLocals' affecting graphics processing units from AMD, Apple, Qualcomm, and Imagination Technologies allows retrieving data from the local memory space.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Friday, 22-Dec-2023 07:20:25 JST BleepingComputer
Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Friday, 08-Dec-2023 18:47:29 JST BleepingComputer
Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Wednesday, 11-Oct-2023 02:59:53 JST BleepingComputer
Today is Microsoft's October 2023 Patch Tuesday, with security updates for 104 flaws, including three actively exploited zero-day vulnerabilities.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Friday, 06-Oct-2023 05:14:49 JST BleepingComputer
Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to gain root privileges on major Linux distributions.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Thursday, 05-Oct-2023 06:40:24 JST BleepingComputer
Apple released emergency security updates to patch a new zero-day security flaw exploited in attacks targeting iPhone and iPad users.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Wednesday, 13-Sep-2023 08:40:38 JST BleepingComputer
Today is Microsoft's September 2023 Patch Tuesday, with security updates for 59 flaws, including two actively exploited zero-day vulnerabilities.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Wednesday, 13-Sep-2023 06:41:11 JST BleepingComputer
Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client.
-
Embed this notice
BleepingComputer (bleepingcomputer@infosec.exchange)'s status on Tuesday, 05-Sep-2023 02:16:46 JST BleepingComputer
Hackers are exploiting two recent MinIO vulnerabilities to breach object storage systems and access private information, execute arbitrary code, and potentially take over servers.