Running unsupported and unpatched versions of Exchange Server will do that to a country Sri Lanka’s Computer Emergency Readiness Team (CERT) is currently investigating a ransomware attack on the government’s cloud infrastructure that affected around 5,000 email accounts, it revealed…
Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability
Adobe’s Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems. The vulnerability, tracked as CVE-2023-26369, is rated 7.8…
Malware distributor Storm-0324 facilitates ransomware access
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to…
Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird
Mozilla on Tuesday released security updates to resolve a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in the wild, a day after Google released a fix for the issue in its Chrome browser. The shortcoming,…
Learn the Risks of API Vulnerabilities
Application programming interfaces (APIs) are widely used online for a variety of purposes: to streamline login processes, enable online payments, and other uses. As organizations… The post Learn the Risks of API Vulnerabilities appeared first on Security Zap. This article…
Major cyberattack leaves MGM Resorts reeling
Categories: News Categories: Personal Tags: MGM resorts Tags: hotel Tags: casino Tags: attack Tags: cyber Tags: shutdown MGM resorts has suffered a major cyberattack leading to shutdowns across the US. (Read more…) The post Major cyberattack leaves MGM Resorts reeling…
Two Apple issues added by CISA to its catalog of known exploited vulnerabilities
Categories: Exploits and vulnerabilities Categories: News Tags: Blastpass Tags: citizenlab Tags: pegasus Tags: nso Tags: cisa Tags: apple Tags: cve-2023-41064 Tags: cve-2023-41061 Tags: buffer overflow CISA has added two recently discovered Apple vulnerabilities to its catalog of known exploited vulnerabilities.…
Microsoft Teams used to deliver DarkGate Loader malware
Categories: Business Categories: News Tags: Microsoft Teams Tags: DarkGate Tags: Loader Tags: Trojan Tags: Sharepoint Tags: AutoIt Researchers have found a new distribution method for the DarkGate Loader which circumvents the security features in Microsoft Teams. (Read more…) The post…
Update Chrome now! Google patches critical vulnerability being exploited in the wild
Categories: Exploits and vulnerabilities Categories: News Tags: Google Tags: Chrome Tags: CVE-2023-4863 Tags: WebP Tags: buffer overflow Tags: 116.0.5845.187/.188 Chrome users are being urged to patch a critical vulnerability for which an exploit is available. (Read more…) The post Update…
Ransomware review: September 2023
Categories: Threat Intelligence Ransomware news in August was highlighted by the sudden fall of CL0P from the list of the monthly most active gangs, while Lockbit returned to the number one spot. (Read more…) The post Ransomware review: September 2023…
China caught – again – with its malware in another nation’s power grid
‘Obtaining a disruptive capability could be one possible motivation behind this surge in attacks’ Espionage-ware thought to have been developed by China has once again been spotted within the power grid of a neighboring nation.… This article has been indexed…
The State of Windows Digital Analysis
Something that I’ve seen and been concerned about for some time now is the state of digital analysis, particularly when it comes to Windows systems. From open reporting to corporate blog posts and webinars, it’s been pretty clear that there…
Adobe, Apple, Google & Microsoft Patch 0-Day Bugs
Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their…
Microsoft Patches a Pair of Actively Exploited Zero-Days
Five critical bugs, zero-days exploited in the wild, Exchange Server, and more headline Microsoft’s September 2023 Patch Tuesday release. Here’s what to patch now. This article has been indexed from Dark Reading Read the original article: Microsoft Patches a Pair…
UN’s Cybercrime Convention Draft: A Slippery Slope for LGBTQ+ and Gender Rights
This post is divided into two parts. Part I looks at the draft UN’s Cybercrime Convention and its potential implications for LGBTQ+ rights. Part II provides a closer look at how cybercrime laws might specifically impact the LGBTQ+ community and…
Save the Children confirms it was hit by cyber attack
The international non-governmental organization (NGO) Save the Children International was recently hit with a cyberattack. The charity organization Save the Children International revealed that it was hit by a cyber attack. The company disclosed the security incident after the ransomware…
VERT Threat Alert: September 2023 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s September 2023 Security Updates , which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1073 on Wednesday, September 13th. In-The-Wild & Disclosed CVEs…
IT Security News Daily Summary 2023-09-12
Risk & Repeat: Big questions remain on Storm-0558 attacks China’s Winnti APT Compromises National Grid in Asia for 6 Months Appeals Court Upholds Public.Resource.Org’s Right to Post Public Laws and Regulations Online Grab those updates: Microsoft flings out fixes for…
Risk & Repeat: Big questions remain on Storm-0558 attacks
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Security Resources and Information from TechTarget Read the original article: Risk & Repeat: Big questions remain on…
China’s Winnti APT Compromises National Grid in Asia for 6 Months
Attacks against critical infrastructure are becoming more commonplace and, if a recent PRC-sponsored attack is anything to go by, easier to pull off. This article has been indexed from Dark Reading Read the original article: China’s Winnti APT Compromises National…
Appeals Court Upholds Public.Resource.Org’s Right to Post Public Laws and Regulations Online
Our laws belong to all of us, and we should be able to find, read, and share them free of registration requirements, fees, and other roadblocks. SAN FRANCISCO—Technical standards—like fire and electrical codes—developed by private organizations but incorporated into public…
Grab those updates: Microsoft flings out fixes for already-exploited bugs
Plus: Adobe and Android also tackle abused-in-the-wild flaws Patch Tuesday It’s every Windows admin’s favorite day of the month: Patch Tuesday. Microsoft emitted 59 patches for its September update batch, including two for bugs that have already been exploited.… This…
Spring Authentication With MetaMask
When choosing a user authentication method for your application, you usually have several options: develop your own system for identification, authentication, and authorization, or use a ready-made solution. A ready-made solution means that the user already has an account on…
Federal Judge Upholds State Department Rule Requiring Visa Applicants to Disclose Social Media Information
Since 2019, people applying for a visa to the United States have had to register their social media accounts with the U.S. government as part of the application process. Two U.S.-based documentary film organizations that regularly collaborate with non-U.S. filmmakers…