Pieter Arntz
Microsoft calls time on NTLM, so should you
The NTLM authentication protocol will no longer be developed by Microsoft, so administrators should switch as soon as possible.
2 minutes
Azure Service Tags vulnerability could allow attackers to access private data
Researchers have found that relying on Azure Service Tags to restrict access to systems is not a secure solution. Microsoft…
2 minutes
Okta suffers more credential stuffing attacks
Okta has issued a warning about credential stuffing attacks on its cross-origin authentication feature.
2 minutes
Operation Endgame—the largest ever battering for botnets
Europol has published the results of Operation Endgame, a campaign aimed at the infrastructure spreading IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee,…
2 minutes
North Korean threat actor behind new ransomware
A relatively new group of North Korean cybercriminals has been found deploying FakePenny ransomware.
2 minutes
140 Ascension facilities still reeling from ransomware attack
140 Ascension healthcare units have been disrupted by the Black Basta ransomware group.
1 minute
Patch now! Critical vulnerability in Veeam’s Backup Enterprise Manager
Veeam has issued an advisory about several vulnerabilities in its Backup Enterprise Manager (VBEM).
1 minute
Update now! GitHub patches critical vulnerability in Enterprise Server
GitHub has issued a patch for a critical and easy to exploit authentication bypass vulnerability in GitHub Enterprise Server.
1 minute
“Linguistic Lumberjack” vulnerability impacts all major cloud providers
Researchers have discovered a severe memory corruption vulnerability in Fluent Bit, a utility used by major cloud providers.
2 minutes
Wi-Fi design flaw makes networks vulnerable to hijacking
Researchers have discovered a flaw in the Wi-Fi standard that allows SSID confusion attacks.
2 minutes
Black Basta ransomware affiliates use Quick Assist to target users
Cybercriminals are using the Quick Assist remote assistance tool to deliver ransomware.
1 minute
Update now! Microsoft’s May Patch Tuesday includes two actively exploited vulnerabilities
This month’s Patch Tuesday updates contain fixes for two actively exploited vulnerabilities, another that is publicly disclosed, and a fourth…
2 minutes
F5 fixes two remotely exploitable vulnerabilities in BIG-IP Next Central Manager
F5 has released patches for two vulnerabilities in its BIG-IP Next Central Manager that could enable an attacker to gain…
2 minutes
Law enforcement places new teasers on LockBit leak site and reveals sanctions
Law enforcement has posted new teasers on the seized LockBit leak site about an upcoming announcement.
2 minutes
Gitlab zero-click vulnerability under active exploitation
An account takeover vulnerability in GitLab needs your immediate attention.
2 minutes
London Drugs closes retail stores after ransomware attack
Canadian pharmacy retail giant London Drugs is reeling from a cyberattack.
2 minutes
CISA pilot has sent 2,000 alerts to organizations at risk of ransomware
CISA director Jen Easterly said the agency’s automated vulnerability warning program will be ready for full deployment by the end…
1 minute
Patch now! Cactus exploits Qlik Sense to deliver ransomware
Researchers say the Cactus ransomware group is exploiting vulnerabilities in Qlik Sense.
1 minute
Update now! CrushFTP vulnerability allows data theft and possibly server compromise
Some 2,700 CrushFTP instances have their web interface exposed online.
2 minutes
