Below you'll find a list of all posts that have been categorized as “Security”
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory that serves as a stark warning. If you’re using VMware products that are impacted by recently disclosed critical security flaws, either patch them immediately or remove them from your network. CISA issued the dire warning because the last time …
If you’re not familiar with the term, a Zero Day exploit is a security flaw that the software vendor is not aware of and hasn’t yet patched. In many (but not all) cases, Zero Day Vulnerabilities will also have publicly available proof-of-concept exploits before a patch becomes available. Quite often, …
Phishing campaigns get more effective the more closely they can imitate a trusted source. Recently, security researchers at Fortinet discovered evidence of a phishing campaign that specifically targets Microsoft Windows users and installs three different types of malware on the systems it manages to infect. Among other things, this campaign …
Security researchers employed by Microsoft have recently spotted a variant of the Sysrv botnet. They have dubbed the new variant Sysrv-K. This new variant works in two ways. First, it exploits a flaw in the Spring Cloud Gateway that allows remote code execution (tracked as CVE-2022-22947). Second, the botnet scans …
HP recently released a BIOS update to address a pair of high-severity vulnerabilities that affect a wide range of PC and notebook products offered by the company. In both cases, the vulnerabilities would allow an attacker to execute code arbitrarily and with Kernel level privileges. The two flaws are being …
Do you use a Zyxel firewall? If so, there’s good news. The company has fixed an issue you may not have even been aware that you had. The company pushed out the fix in a silent update a little over two weeks ago, but when they implemented the push, they …
At least one group of hackers has learned a new trick you need to be aware of. Security researchers at Kapersky Lab have discovered a malicious campaign-in-progress that is using event logs to store malware. That is a technique that has not been seen or documented until now. This new …
The name Kevin Beaumont may not be familiar to you, but if you’re a Linux or Solaris user, he may have just saved you a whole lot of grief. Recently, Mr. Beaumont discovered a stealthy backdoor malware that has been quietly infecting Linux and Solaris SPARC systems for more than …
Hackers around the world are increasingly targeting verified Twitter accounts with emails designed to pilfer your Twitter login credentials. Verified Twitter accounts differ from standard Twitter accounts in that they sport a large blue check mark next to the user’s name, which indicates that the person who owns the account …
The MalwareHunterTeam recently discovered a new ransomware operation that is particularly nasty. Called Onyx, outwardly, the operation does what most ransomware campaigns do. It gets inside a corporate network, exfiltrates the data that it wants, then seems to encrypt the rest, and then threatens to release the files to the …
