Microsoft Uncovers Sandworm Subgroup’s Global Cyber Attacks Spanning 15+ Countries

A subgroup within the infamous Russian state-sponsored hacking group known as Sandworm has been attributed to a multi-year initial access operation dubbed BadPilot that stretched across the globe.
“This subgroup has conducted globally diverse compromises of Internet-facing infrastructure to enable Seashell Blizzard to persist on high-value targets and support tailored network operations,” the

The Hacker News

Don’t ignore Microsoft’s February Patch Tuesday – it’s a big one for all Windows 11 users

The latest updates resolve more glitches and security flaws – some critical – in Windows 11 23H2 and 24H2, so you’ll want to install them sooner rather than later.

Latest stories for ZDNET in Security

Microsoft: Russia’s Sandworm APT Exploits Edge Bugs Globally

Sandworm (aka Seashell Blizzard) has an initial access wing called “BadPilot” that uses standard intrusion tactics to spread Russia’s tendrils around the world.

darkreading

Google Family Link now limits who can contact your child’s device

The parental control app just added several new features to help you keep your kids safer.

Latest stories for ZDNET in Security

Russian Seashell Blizzard Hackers Gain, Maintain Access to High-Value Targets: Microsoft

A subgroup of the Russia-linked Seashell Blizzard is tasked with broad initial access operations to sustain long-term persistence.

SecurityWeek

Patch Tuesday: Microsoft Fixes 63 Bugs with 2 Zero-Days

Microsoft’s February Patch Tuesday addresses 63 security vulnerabilities, including two actively exploited zero-days. Update your systems now to…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News

SGNL snags $30M for a new take on ID security based on zero-standing privileges

Security experts often describe identity as the “new perimeter” in the world of security: in the world of cloud services where network assets and apps can range far and wide, the biggest vulnerabilities are often leaked and spoofed log-in credentials. A startup called SGNL has built a new approach that it believes is better at […]

Security News | TechCrunch

Researchers Find New Exploit Bypassing Patched NVIDIA Container Toolkit Vulnerability

Cybersecurity researchers have discovered a bypass for a now-patched security vulnerability in the NVIDIA Container Toolkit that could be exploited to break out of a container’s isolation protections and gain complete access to the underlying host.
The new vulnerability is being tracked as CVE-2025-23359 (CVSS score: 8.3). It affects the following versions –

NVIDIA Container Toolkit (All

The Hacker News

Is AI a Friend or Foe of Healthcare Security?

When it comes to keeping patient information safe, people empowerment is just as necessary as deploying new technologies.

darkreading

Ivanti, Fortinet Patch Remote Code Execution Vulnerabilities

Ivanti and Fortinet on Tuesday released patches for multiple critical- and high-severity vulnerabilities in their products.

SecurityWeek