[ad_1] BatBadBut flaw allowed an attacker to perform command injection on Windows Pierluigi Paganini April 13, 2024 A critical vulnerability, named ‘BatBadBut’, impacts multiple programming languages, its exploitation can lead to command injection in Windows applications. The cybersecurity researcher RyotaK (@ryotkak ) discovered a critical vulnerability,... Continue reading
Return to previous page
Page 3
[ad_1] Roku disclosed a new security breach impacting 576,000 accounts Pierluigi Paganini April 12, 2024 Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used... Continue reading
[ad_1] The first three months of 2024 saw 841 publicly reported “data compromises” – up 90% on the same period last year, according to the Identity Theft Resource Center (ITRC). The non-profit said that although the number of data breaches, exposures and leaks was up... Continue reading
[ad_1] TA547 targets German organizations with Rhadamanthys malware Pierluigi Paganini April 12, 2024 TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the... Continue reading
[ad_1] The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed a breach affecting business analytics provider Sisense and urged its customers to rest their credentials. On April 11, 2024, CISA issued an advisory regarding Sisense customer data being potentially compromised. The agency is “currently... Continue reading
[ad_1] LastPass employee targeted via an audio deepfake call Pierluigi Paganini April 12, 2024 Crooks targeted a LastPass employee using deepfake technology to impersonate the company’s CEO in a fraudulent scheme. In a fraudulent scheme, criminals used deepfake technology to impersonate LastPass ‘s CEO, targeting... Continue reading
[ad_1] A critical zero-day vulnerability in Palo Alto Networks’ PAN-OS software, used in its GlobalProtect gateways, is being exploited in the wild, and no patches are available yet. Palo Alto Networks issued an alert about the flaw on April 12, 2024, thanking cybersecurity firm Volexity... Continue reading
[ad_1] Microsoft fixed two zero-day bugs exploited in malware attacks Pierluigi Paganini April 11, 2024 Microsoft addressed two zero-day vulnerabilities (CVE-2024-29988 and CVE-2024-26234) actively exploited by threat actors to deliver malware Microsoft addressed two zero-day vulnerabilities, tracked as CVE-2024-29988 and CVE-2024-26234, that threat actors are... Continue reading
[ad_1] Threat actors distributing Raspberry Robin now use Windows Script Files (WSF) to spread the worm alongside other methods, such as USB drives. HP Threat Research identified new campaigns starting in March 2024 in which Raspberry Robin was spread through highly obfuscated Windows Script Files,... Continue reading
[ad_1] US CISA published an alert on the Sisense data breach Pierluigi Paganini April 11, 2024 Business intelligence software company Sisense suffered a cyberattack that may have exposed sensitive information of major enterprises worldwide. Sisense, a business intelligence software company, experienced a cyberattack potentially exposing... Continue reading