Intel-powered computers affected by serious firmware flaw (CVE-2024-0762)

A vulnerability (CVE-2024-0762) in the Phoenix SecureCore UEFI, which runs on various Intel processors, could be exploited locally to escalate privileges and run arbitrary code within the firmware during runtime. “This type of low-level exploitat…

US bans Kaspersky antivirus software due to national security risks

The US Department of Commerce has announced an upcoming US-wide ban of cybersecurity and antivirus software by Kaspersky, as its “ability to gather valuable US business information, including intellectual property, and to gather US persons’ sensi…

Crown Equipment cyberattack confirmed, manufacturing disrupted for weeks

Ohio-based Crown Equipment, which is among the largest industrial and forklift truck manufacturers in the world, has become a victim of a cyberattack “by an international cybercriminal organization,” the company has finally confirmed to its…

CDK Global cyberattack cripples 15,000 US auto dealerships

CDK Global, a software-as-a-service (SaaS) provider for car dealers and auto equipment manufacturers, has suffered a cyberattack that has temporarily disrupted its customers’ operations. About CDK and its platform CDK’s platform is used by …

Clever macOS malware delivery campaign targets cryptocurrency users

Cryptocurrency users are being targeted with legitimate-looking but fake apps that deliver information-stealing malware instead, Recorded Future’s researchers are warning. The threat actor behind this complex scheme is going after both Windows an…

Medibank breach: Security failures revealed (lack of MFA among them)

The 2022 Medibank data breach / extortion attack perpetrated by the REvil ransomware group started with the attackers leveraging login credentials stolen from a private computer of an employee of a Medibank IT contractor. According to a statement…

Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)

VMware by Broadcom has fixed two critical vulnerabilities (CVE-2024-37079, CVE-2024-37080) affecting VMware vCenter Server and products that contain it: vSphere and Cloud Foundation. “A malicious actor with network access to vCenter Server may tr…

Malware peddlers love this one social engineering trick!

Attackers are increasingly using a clever social engineering technique to get users to install malware, Proofpoint researchers are warning. The message warns of a problem but also offers a way to fix it (Source: Proofpoint) Social engineering users to …

Microsoft delays Windows Recall rollout, more security testing needed

Microsoft is delaying the release of Recall, a controversial Windows 11 feature that will allow users to search their computer for specific content that has previously been viewed by them. A preview of Recall should have been broadly available on June …

YetiHunter: Open-source threat hunting tool for Snowflake environments

Cloud identity protection company Permiso has created YetiHunter, a threat detection and hunting tool companies can use to query their Snowflake environments for evidence of compromise. YetiHunter executing queries (Source: Permiso Security) Recent att…