China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally

/in

State-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the operation had a broader impact than previously known.
“The state actor behind this campaign was already aware of this vulnerability in FortiGate systems at least two months before Fortinet disclosed the

The Hacker News – ​Read More

Facebook, Meta, Apple, Amazon Most Impersonated in Phishing Scams

/in

Feeling phished? Don’t be a victim! Learn from Mailsuite’s research which popular brands scammers impersonate the most (including surprising ones!) and how to identify these cunning attacks.

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

RansomHub Brings Scattered Spider Into Its RaaS Fold

/in

The threat group behind breaches at Caesars and MGM moves its business over to a different ransomware-as-a-service operation.

darkreading – ​Read More

Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities

/in

Google and Mozilla have released patches for 21 and 15 vulnerabilities in Chrome and Firefox, respectively.

The post Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.

SecurityWeek – ​Read More

UK Trails Behind Europe in Technical Skills Proficiency, Coursera Report Finds

/in

The U.K. is the 25th most technically proficient country in Europe, with Switzerland, Germany and the Netherlands taking the top three places.

Security | TechRepublic – ​Read More

Ransomware Group Exploits PHP Vulnerability Days After Disclosure

/in

The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure.

The post Ransomware Group Exploits PHP Vulnerability Days After Disclosure appeared first on SecurityWeek.

SecurityWeek – ​Read More

ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA

/in

Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their industrial and OT products. 

The post ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA appeared first on SecurityWeek.

SecurityWeek – ​Read More

Critical Outlook RCE Vulnerability Exploits Preview Pane – Patch Now!

/in

A critical vulnerability (CVE-2024-30103) in Microsoft Outlook allows attackers to execute malicious code simply by opening an email. This “zero-click” exploit doesn’t require user interaction and poses a serious threat. Learn how this vulnerability works and how to stay protected.

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability

/in

Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024.
Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based Edge browser over the past month.
None of the security flaws have been actively exploited in the wild, with one of them listed as

The Hacker News – ​Read More

Forced-Labor Camps Fuel Billions of Dollars in Cyber Scams

/in

Greater collaboration between financial and law enforcement officials is needed to dismantle cybercrime scam centers in Cambodia, Laos, and Myanmar, which rake in tens of billions of dollars annually — and affect victims worldwide.

darkreading – ​Read More