Collaborate Disseminate
Malware hunters catch Chinese APT Volt Typhoon exploiting a zero-day in Versa Director servers used by ISPs and MSPs.
The post Chinese APT Volt Typhoon Caught Exploiting Versa Networks SD-WAN Zero-Day appeared first on SecurityWeek.
Continue reading Chinese APT Volt Typhoon Caught Exploiting Versa Networks SD-WAN Zero-Day
More than two years after the Log4j crisis, organizations are still being hit by crypto-currency miners and backdoor scripts.
The post Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware appeared first on SecurityWeek.
Continue reading Two Years On, Log4Shell Vulnerability Still Being Exploited to Deploy Malware
GitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users.
The post Critical Authentication Flaw Haunts GitHub Enterprise Server appeared first on SecurityWeek.
Continue reading Critical Authentication Flaw Haunts GitHub Enterprise Server
Backdoor in millions of contactless cards made by Shanghai Fudan Microelectronics allows instantaneous cloning of RFID smart cards used to open office doors and hotel rooms around the world.
The post Major Backdoor in Millions of RFID Cards Allows Inst… Continue reading Major Backdoor in Millions of RFID Cards Allows Instant Cloning
The vulnerability, tracked as CVE-2024-38193 and marked as ‘actively exploited’ by Microsoft, allows SYSTEM privileges on the latest Windows operating systems.
The post Windows Zero-Day Attack Linked to North Korea’s Lazarus APT appeared first on Secur… Continue reading Windows Zero-Day Attack Linked to North Korea’s Lazarus APT
Security experts are ratcheting up the urgency for Windows admins to patch a wormable, pre-auth remote code execution vulnerability in the Windows TCP/IP stack.
The post Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw appeared … Continue reading Zero-Click Exploit Concerns Drive Urgent Patching of Windows TCP/IP Flaw
Microsoft’s security response team pushed out documentation for almost 90 vulnerabilities across Windows and OS components and marked several flaws in the actively exploited category.
The post Microsoft Warns of Six Windows Zero-Days Being Actively Exp… Continue reading Microsoft Warns of Six Windows Zero-Days Being Actively Exploited
Patch Tuesday: Adobe patches 72 security vulnerabilities and warns that Windows and macOS users are at risk of code execution, memory leaks, and denial-of-service attacks.
The post Adobe Calls Attention to Massive Batch of Code Execution Flaws appeared… Continue reading Adobe Calls Attention to Massive Batch of Code Execution Flaws
Law enforcement authorities in the U.S. have arrested a Tennessee man accused of running a “laptop farm” that helped North Korean IT workers secure remote jobs at American companies.
The post Justice Department Disrupts North Korean ‘Laptop Farm&… Continue reading Justice Department Disrupts North Korean ‘Laptop Farm’ Operation
The vulnerabilities, patched in OpenVPN 2.6.10, expose users on the Windows platform to remote code execution attacks.
The post Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains appeared first on SecurityWeek.
Continue reading Microsoft Warns of OpenVPN Vulnerabilities, Potential for Exploit Chains