“Spring patches leaked Spring4Shell zero-day RCE vulnerability” plus 12 BleepingComputer.com |
- Spring patches leaked Spring4Shell zero-day RCE vulnerability
- Thinking of a new career? Consider Cybersecurity with these free courses
- LockBit victim estimates cost of ransomware attack to be $42 million
- Palo Alto Networks error exposed customer support cases, attachments
- DPRK hackers go after crypto assets using trojanized DeFi Wallet app
- Calendly actively abused in Microsoft credentials phishing
- US national emergency extended due to elevated malicious cyber activity
- New Spring Java framework zero-day allows remote code execution
- Globant confirms hack after Lapsus$ leaks 70GB of stolen data
- Google: Russian phishing attacks target NATO, European military
- QNAP warns severe OpenSSL bug affects most of its NAS devices
- FBI disrupts BEC cybercrime gangs targeting victims worldwide
- Hive ransomware uses new 'IPfuscation' trick to hide payload
Spring patches leaked Spring4Shell zero-day RCE vulnerability Posted: 31 Mar 2022 08:16 AM PDT Spring released emergency updates to fix the 'Spring4Shell' zero-day remote code execution vulnerability, which leaked prematurely online before a patch was released. [...] |
Thinking of a new career? Consider Cybersecurity with these free courses Posted: 31 Mar 2022 07:03 AM PDT Curiosity and a love of learning are definite advantages in the cybersecurity field, and reading and learning more about the subject is just a few clicks away. The world needs more people out there fighting cybercrime. Perhaps one of them could be you. [...] |
LockBit victim estimates cost of ransomware attack to be $42 million Posted: 31 Mar 2022 06:30 AM PDT Atento has published its 2021 financial performance results, which have a massive $42.1 million dent from a ransomware attack the firm suffered in October 2021. [...] |
Palo Alto Networks error exposed customer support cases, attachments Posted: 31 Mar 2022 06:00 AM PDT EXCLUSIVE: A bug in the support dashboard of Palo Alto Networks (PAN) exposed thousands of customer support tickets to an unauthorized individual, BleepingComputer has learned. The exposed information included, customer names, contact information, conversations between staff and customers, firewall logs and configuration dumps. [...] |
DPRK hackers go after crypto assets using trojanized DeFi Wallet app Posted: 31 Mar 2022 05:05 AM PDT Hackers associated with the North Korean government have been distributing a trojanized version of the DeFi Wallet for storing cryptocurrency assets to gain access to the systems of cryptocurrency users and investors. [...] |
Calendly actively abused in Microsoft credentials phishing Posted: 31 Mar 2022 03:00 AM PDT Phishing actors are actively abusing Calendly to kick off a clever sequence to trick targets into entering their email account credentials on the phishing page. [...] |
US national emergency extended due to elevated malicious cyber activity Posted: 30 Mar 2022 01:34 PM PDT US President Joe Biden today has extended the state of national emergency declared to deal with increasingly prevalent and severe malicious cyber threats to the United States national security, foreign policy, and economy. [...] |
New Spring Java framework zero-day allows remote code execution Posted: 30 Mar 2022 01:16 PM PDT A new zero-day vulnerability in the Spring Core Java framework called 'Spring4Shell' has been publicly disclosed, allowing unauthenticated remote code execution on applications. [...] |
Globant confirms hack after Lapsus$ leaks 70GB of stolen data Posted: 30 Mar 2022 11:47 AM PDT IT and software consultancy firm Globant has confirmed that they were breached by the Lapsus$ data extortion group, where data consisting of administrator credentials and source code was leaked by the threat actors. [...] |
Google: Russian phishing attacks target NATO, European military Posted: 30 Mar 2022 10:44 AM PDT The Google Threat Analysis Group (TAG) says more and more threat actors are now using Russia's war in Ukraine to target Eastern European and NATO countries, including Ukraine, in phishing and malware attacks. [...] |
QNAP warns severe OpenSSL bug affects most of its NAS devices Posted: 30 Mar 2022 09:39 AM PDT Taiwan-based network-attached storage (NAS) maker QNAP warned on Tuesday that most of its NAS devices are impacted by a high severity OpenSSL bug disclosed two weeks ago. [...] |
FBI disrupts BEC cybercrime gangs targeting victims worldwide Posted: 30 Mar 2022 09:13 AM PDT A coordinated operation conducted by the FBI and its international law enforcement partners has resulted in disrupting business email compromise (BEC) schemes in several countries. [...] |
Hive ransomware uses new 'IPfuscation' trick to hide payload Posted: 30 Mar 2022 07:12 AM PDT Threat analysts have discovered a new obfuscation technique used by the Hive ransomware gang, involving IPv4 addresses and a series of conversions that eventually lead to downloading Cobalt Strike beacons. [...] |
You are subscribed to email updates from BleepingComputer. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States |
Lexo edhe: