A visit to a print shop put a password stealer on a co-worker’s laptop
Old-school malware distribution methods have a habit of hanging around long after people stop talking about them.
2 minutes
Pieter Arntz
Watch out! Mobidash Android adware spread through phishing and online links
ThreatDown has uncovered a new campaign spreading the MobiDash adware for Android.
1 minute
Hybrid cloud environments are not safe from ransomware
A ransomware affiliate has been found compromising hybrid cloud environments.
3 minutes
Android’s Rusty new code shakes off huge number of memory-safe vulnerabilities
Google has dramatically reduced the number of serious memory safety vulnerabilities in Android by shifting to memory-safe languages.
2 minutes
North Korean IT workers—or how not to solve the IT staff shortage
North Korea has been infiltrating organizations using IT workers with fake identities.
3 minutes
Ivanti patches admin bypass for Cloud Services Appliance
Ivanti has released a security advisory for a critical vulnerability in Ivanti CSA 4.6 which is being actively exploited.
2 minutes
Windows MSHTML vulnerability actively exploited
CISA has added another MSHTML vulnerability rooted in Internet Explorer to its known exploited vulnerabilities catalog
1 minute
Microsoft might kick security vendors out of the Windows kernel
Reducing kernel-level access could undermine security vendors' ability to protect systems effectively.
1 minute
Update now! Four zero-days fixed in September Patch Tuesday
Microsoft’s September Patch Tuesday covers 79 Microsoft CVEs and includes four actively exploited zero-days.
2 minutes
NIS 2 is coming, are you ready?
The NIS2 directive aims to raise the standard of cybersecurity in Europe and brings new obligations and new penalties for…
4 minutes
Ransomware payments on track to smash $1.1 billion record
Median payments to some strains are now $1.5 million—a 650% increase from early 2023.
1 minute
Update now! August Patch Tuesday covers several zero-days
Microsoft’s August Patch Tuesday covers 90 Microsoft CVEs and includes nine actively-exploited zero-days.
2 minutes
Patch now! Microsoft Office flaw could leak NTLM hashes
Microsoft is warning about a Microsoft Office vulnerability which an attacker could use to steal NTLM hashes.
3 minutes
Ransomware group disguises SharpRhino trojan as Angry IP Scanner
Researchers have uncovered more details of a Hunters International campaign that uses search ads to spread the SharpRhino RAT.
1 minute
What is a path traversal vulnerability?
What are path or directory traversal vulnerabilities, and how can you protect against them?
3 minutes
Azure outage was DDoS attack made worse by failed mitigation
Microsoft says the recent outage affecting Azure and other cloud services was down to a DDoS attack and some faulty…
2 minutes
Patch now! ServiceNow vulnerabilities under active exploitation
Up to 42,000 ServiceNow systems may be at risk of compromise.
1 minute
Google Workspace flaw allowed cybercriminals to impersonate domains
Google claims it has since fixed the problem.
2 minutes
Biggest trial court in the US closed after ransomware attack
The Los Angeles County Superior Court remained closed on Monday as it tried to recover from a ransomware attack.
1 minute
Fake CrowdStrike hot fix leads to Remcos Trojan
To nobody's surprise, cybercriminals are abusing the CrowdStrike outage.
2 minutes
