APT41 Spinoff Expands Chinese Actor’s Scope Beyond Asia

Earth Baku, yet another subgroup of the highly active and increasingly sophisticated collective, is moving into EMEA with new malware and living-off-the-land (LOL) tactics.

darkreading

FBI Shuts Down Dozens of Radar/Dispossessor Ransomware Servers

Computer infrastructure in the US, UK, and Germany associated with the cybercriminal group, which targeted SMBs using double extortion, is officially out of commission.

darkreading

Microsoft Azure AI Health Bot Infected With Critical Vulnerabilities

Privilege escalation flaws in the healthcare chatbot platform could have allowed unauthorized cross-tenant access and management of other customers’ resources.

darkreading

StickmanCyber Report: A Look Inside Australia’s Cybersecurity Skills Crisis

A StickmanCyber report reveals a critical cybersecurity skills shortage in Australia, which can have both short- and long-term business implications.

Security | TechRepublic

Microsoft Warns of Six Windows Zero-Days Being Actively Exploited

Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category.

SecurityWeek

Adobe Calls Attention to Massive Batch of Code Execution Flaws

Patch Tuesday: Adobe patches 72 security vulnerabilities and warns that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks.

SecurityWeek

GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks

A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices.
The vulnerability has been codenamed GhostWrite. It has been described as a direct CPU bug embedded in the hardware, as

The Hacker News

Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service

Cybersecurity researchers have discovered two security flaws in Microsoft’s Azure Health Bot Service that, if exploited, could permit a malicious actor to achieve lateral movement within customer environments and access sensitive patient data.
The critical issues, now patched by Microsoft, could have allowed access to cross-tenant resources within the service, Tenable said in a new report shared

The Hacker News

US Unseals Charges Against Three Eastern Europeans Over Ransomware, Malvertising

Maksim Silnikau was extradited to the US to face charges for roles in the distribution of the Angler exploit kit, malware, and the Ransom Cartel ransomware.

SecurityWeek

National Public Data Breach: 2.7bn Records Leaked on Dark Web

In August, 2.7 billion records from National Public Data, including social security numbers, were leaked on a dark web forum.

Security | TechRepublic