Noteworthy stories that might have slipped under the radar: FAA improving cyber rules for airplanes, NGate Android malware used to steal cash from ATMs, abusing Slack AI to steal data. The post In Other News: FAA Improving Cyber Rules, Android…
Category: SecurityWeek RSS Feed
Hacker Tried to Dodge Child Support by Breaking Into Registry to Fake His Death, Prosecutors Say
Kentucky man attempted to fake his death to avoid paying child support obligations by hacking into state registries and falsifying official records. The post Hacker Tried to Dodge Child Support by Breaking Into Registry to Fake His Death, Prosecutors Say…
FBI Exposing Sensitive Data via Improper Handling of Storage Devices: Audit
Audit finds weaknesses in FBI’s inventory management and disposition procedures for drives containing sensitive information. The post FBI Exposing Sensitive Data via Improper Handling of Storage Devices: Audit appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS…
SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw
SolarWinds has issued a Web Help Desk hotfix to remove hardcoded credentials from last week’s hotfix for a critical-severity vulnerability. The post SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw appeared first on SecurityWeek. This article has…
Oil Giant Halliburton Confirms Cyber Incident, Details Scarce
US oil giant Halliburton confirmed its computer systems were hit by a cyberattack that affected operations at its Houston offices. The post Oil Giant Halliburton Confirms Cyber Incident, Details Scarce appeared first on SecurityWeek. This article has been indexed from…
China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches
Hackers gained access to the switch using valid administrator credentials, and then ‘jailbroke’ from the application level into the OS level. The post China-Linked ‘Velvet Ant’ Hackers Exploited Zero-Day to Deploy Malware on Cisco Nexus Switches appeared first on SecurityWeek.…
Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware
More than two years after the Log4j crisis, organizations are still being hit by crypto-currency miners and backdoor scripts. The post Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware appeared first on SecurityWeek. This article has been…
Understanding the ‘Morphology’ of Ransomware: A Deeper Dive
Ransomware isn’t just about malware. It’s about brands, trust, and the shifting allegiances of cybercriminals. The post Understanding the ‘Morphology’ of Ransomware: A Deeper Dive appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read the original…
Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira
Atlassian has released patches for nine high-severity vulnerabilities in Bamboo, Confluence, Crowd, and Jira products. The post Atlassian Patches Vulnerabilities in Bamboo, Confluence, Crowd, Jira appeared first on SecurityWeek. This article has been indexed from SecurityWeek RSS Feed Read the…
Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites
A critical vulnerability in the Litespeed Cache WordPress plugin can allow attackers to hack websites by creating an admin user. The post Exploitation Expected for Flaw in Caching Plugin Installed on 5M WordPress Sites appeared first on SecurityWeek. This article…