Two zero-days discovered in Trend Micro’s Apex One EDR platform
The first bug is an arbitrary file upload vulnerability, while the second is described as local privilege escalation vulnerability.
Cybersecurity News - Page 292
Another vulnerability found in the Windows Print Spooler
Successful exploitation of this vulnerability allows a local hacker to gain SYSTEM privileges on a computer.
Microsoft fixed seven critical bugs including Print Spooler vulnerability
The tech giant also released a patch for Windows Update Medic Service elevation of privilege zero day vulnerability.
Russian hackers leaked one million stolen credit cards to promote carding market
Acording to cybersecurity researchers, 50% of the stolen cards are still active and valid.
Hackers actively scanning for Microsoft Exchange servers with ProxyShell vulnerabilities
The attacks began after cybersecurity researchers showed technical details of these problems at the Black Hat conference.
Cisco Patches Critical Vulnerabilities in Small Business VPN Routers
Their exploitation could allow unauthenticated attackers to achieve arbitrary code execution on affected devices.
Chinese state-sponsored APT41 used new dropper in attacks on Mongolia, Russia and U.S.
Dropper can download other malware from a remote command-and-control server, exfiltrate sensitive data, and even delete itself from the compromised system.
South Africa’s steel supplier Macsteel suffered a cyberattack around the same time as Transnet
Macsteel representatives said that the company’s systems "returned back to normal" within two business days of the breach and no critical information was affected.
Raccoon stealer-as-a-service now targets cryptocurrency wallets
Previously, the malware was mainly spread through spam emails, but in a recent campaign Raccoon has been delivered via cracked software.
NSA, CISA release Kubernetes hardening guidance
Over the past few years, numerous attacks were observed targeting misconfigured Kubernetes installs.
Showing elements 2911 - 2920