[ad_1] BatBadBut flaw allowed an attacker to perform command injection on Windows Pierluigi Paganini April 13, 2024 A critical vulnerability, named ‘BatBadBut’, impacts multiple programming languages, its exploitation can lead to command injection in Windows applications. The cybersecurity researcher RyotaK (@ryotkak ) discovered a critical vulnerability, dubbed BatBadBut, which impacts multiple programming languages. When specific conditions …

BatBadBut flaw allowed an attacker to perform command injection on Windows Read More »

[ad_1] Roku disclosed a new security breach impacting 576,000 accounts Pierluigi Paganini April 12, 2024 Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used credentials stolen from third-party platforms. “Credential stuffing is a type of …

Roku disclosed a new security breach impacting 576,000 accounts Read More »

[ad_1] TA547 targets German organizations with Rhadamanthys malware Pierluigi Paganini April 12, 2024 TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. TA547 is a financially motivated threat actor that …

TA547 targets German organizations with Rhadamanthys malware Read More »

[ad_1] LastPass employee targeted via an audio deepfake call Pierluigi Paganini April 12, 2024 Crooks targeted a LastPass employee using deepfake technology to impersonate the company’s CEO in a fraudulent scheme. In a fraudulent scheme, criminals used deepfake technology to impersonate LastPass ‘s CEO, targeting an employee of the company. The attack occurred this week, …

LastPass employee targeted via audio deepfake call Read More »

[ad_1] Microsoft fixed two zero-day bugs exploited in malware attacks Pierluigi Paganini April 11, 2024 Microsoft addressed two zero-day vulnerabilities (CVE-2024-29988 and CVE-2024-26234) actively exploited by threat actors to deliver malware Microsoft addressed two zero-day vulnerabilities, tracked as CVE-2024-29988 and CVE-2024-26234, that threat actors are exploiting to deliver malware. Microsoft Patches Tuesday security updates for …

Microsoft fixed two zero-day flaws exploited in malware attacks Read More »

[ad_1] US CISA published an alert on the Sisense data breach Pierluigi Paganini April 11, 2024 Business intelligence software company Sisense suffered a cyberattack that may have exposed sensitive information of major enterprises worldwide. Sisense, a business intelligence software company, experienced a cyberattack potentially exposing the sensitive data of global enterprises. The list of the …

US CISA published an alert on the Sisense data breach Read More »