Collaborate Disseminate
CISA is making recommendations for organizations and users in light of the recent Oracle legacy cloud environment hack.
The post CISA Issues Guidance After Oracle Cloud Hack appeared first on SecurityWeek.
Continue reading CISA Issues Guidance After Oracle Cloud Hack
The Chinese state-sponsored group Mustang Panda has used new and updated malicious tools in a recent attack.
The post Chinese APT Mustang Panda Updates, Expands Arsenal appeared first on SecurityWeek.
Continue reading Chinese APT Mustang Panda Updates, Expands Arsenal
A SonicWall SMA 100 series vulnerability patched in 2021, which went unnoticed at the time of patching, is being exploited in the wild.
The post SonicWall Flags Old Vulnerability as Actively Exploited appeared first on SecurityWeek.
Continue reading SonicWall Flags Old Vulnerability as Actively Exploited
Nintendo’s lawyers systematically dismantled Atari Games in a landmark 1989 legal battle that reshaped the gaming industry, killing off the Tengen brand until its surprise resurrection recently.
When Atari Games (operating as Tengen) attempted to cir… Continue reading How Nintendo’s Legal Team Destroyed Atari Games Through Courtroom Strategy
The number of infostealers sent through phishing emails jumped by 84% last year. IBM X-Force offers these recommendations for defending yourself from all manner of malware. Continue reading Data-stealing cyberattacks are surging – 7 ways to protect yourself and your business
Apple’s iOS 18.4.1 update fixes a bug with wireless CarPlay and resolves two security holes already exploited in targeted attacks. Continue reading Update your iPhone now to patch a CarPlay glitch and two serious security flaws
A critical security vulnerability has been disclosed in the Erlang/Open Telecom Platform (OTP) SSH implementation that could permit an attacker to execute arbitrary code sans any authentication under certain conditions.
The vulnerability, tracked as CV… Continue reading Critical Erlang/OTP SSH Vulnerability (CVSS 10.0) Allows Unauthenticated Code Execution
Microsoft has announced that starting later this month, ActiveX controls will be disabled by default in all Windows versions of Microsoft 365 and Office 2024 apps—including Word, Excel, PowerPoint, and Visio. This update is part of a global push to imp… Continue reading Microsoft to disable ActiveX in Office
Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration.
The activity, first detected in October 2024, uses lures related to cryptocur… Continue reading Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers
Windows versions of the BrickStorm backdoor that the Chinese APT used in the MITRE hack last year have been active for years.
The post MITRE Hackers’ Backdoor Has Targeted Windows for Years appeared first on SecurityWeek.
Continue reading MITRE Hackers’ Backdoor Has Targeted Windows for Years