Ransomware group disguises SharpRhino trojan as Angry IP Scanner
Researchers have uncovered more details of a Hunters International campaign that uses search ads to spread the SharpRhino RAT.
1 minute
News
Azure outage was DDoS attack made worse by failed mitigation
Microsoft says the recent outage affecting Azure and other cloud services was down to a DDoS attack and some faulty…
2 minutes
Patch now! ServiceNow vulnerabilities under active exploitation
Up to 42,000 ServiceNow systems may be at risk of compromise.
1 minute
Google Workspace flaw allowed cybercriminals to impersonate domains
Google claims it has since fixed the problem.
2 minutes
22 minutes from PoC exploit to attacks—would you have patched in time?
The speed at which you need to apply patches is increasing. Are you prepared?
2 minutes
GeoServer vulnerability actively abused, CISA warns
CISA has added CVE-2024-36401 to its catalog of known exploited vulnerabilities.
2 minutes
Watch out for CRYSTALRAY, an open source aficionado with a hunger for crypto
The CRYSTALRAY group, tracked by Sysdig, is using a suite of open source tools to find and compromise targets for…
1 minute
Patch now! July Patch Tuesday fixes two actively exploited vulnerabilities
Microsoft's Patch Tuesday covers two actively exploited vulnerabilities, one Office Remote Code Execution (RCE) flaw, and many other CVEs
2 minutes
South Africa’s NHLS is recovering from a ransomware attack quickly, it just doesn’t feel that way
It's estimated that the NHLS handles diagnostic tests for about 80% of South Africa's population. Ransomware groups don't care.
2 minutes
Law enforcement takes out hundreds of malicious Cobalt Strike servers
International law enforcement agencies have revealed a three-year operation to combat Cobalt Strike servers used by cybercriminals.
1 minute
Upgrade now! Juniper releases patch for critical authentication bypass
Juniper Networks has released an out-of-cycle upgrade for a CVSS 10 vulnerability.
1 minute
Upgrade now! New MOVEit Transfer vulnerability under active exploitation
A new vulnerability in MOVEit Transfer is already under active exploitation, just a day after a patch was released.
2 minutes
GrimResource MSC attack uses 5-year-old vulnerability
Cybercriminals' search for an alternative to Office macros has brought them to MSC files used by the Microsoft Management Console.
2 minutes
UEFI vulnerability for Intel processors opens the doors for a bootkit
Researchers have disclosed details of a vulnerability in Phoenix Technologies' firmware for Intel processors.
2 minutes
Microsoft 365 users targeted in 2FA-busting phishing campaigns
Researchers have uncovered a Phishing-as-a-Service platform that enables criminals to bypass some forms of 2FA.
2 minutes
Compromised F5 BIG-IP appliances abused in three-year infiltration
A state-sponsored attacker used compromised F5 load balancers to gain persistence on a target's network.
2 minutes
Microsoft’s April 2024 Patch Tuesday includes two actively exploited zero-day vulnerabilities
Microsoft has fixed 149 vulnerabilities, two of which are reportedly being exploited in the wild.
2 minutes
Update now! ConnectWise ScreenConnect vulnerability needs your attention
ConnectWise customers need to take immediate action to remediate a critical vulnerability.
1 minute
LockBit, the world’s worst ransomware, is down
LockBit's position as ransomware's biggest beast is suddenly in doubt.
1 minute
