​Microsoft has announced that Windows Server 2025, the latest version of its server operating system, is generally available starting Friday, November 1st. In January 2024, the company released the first Windows Server 2025 build for admins enrolled in the Windows Insider program. This new version introduced hotpatching, next-gen Active Directory, and SMB over QUIC alternative ports (allows […]
UK’s National Cyber Security Centre (NCSC) has published an analysis of a Linux malware named “Pigmy Goat” created to backdoor Sophos XG firewall devices as part of recently disclosed attacks by Chinese threat actors. Last week, Sophos published a series of reports dubbed “Pacific Rim” that detailed five-year attacks by Chinese threat actors on edge networking devices. One […]
Nokia is investigating whether a third-party vendor was breached after a hacker claimed to be selling the company’s stolen source code. “Nokia is aware of reports that an unauthorized actor has alleged to have gained access to certain third-party contractor data and possibly data of Nokia,” the company told GeekFeed. “Nokia takes this allegation seriously […]
Google fixed two actively exploited Android zero-day flaws as part of its November security updates, addressing a total of 51 vulnerabilities. Tracked as CVE-2024-43047 and CVE-2024-43093, the two issues are marked as exploited in limited, targeted attacks. “There are indications that the following may be under limited, targeted exploitation,” says Google’s advisory. The CVE-2024-43047 flaw is […]
Canadian authorities have arrested a man suspected of having stolen the data of hundreds of millions after targeting over 165 organizations, all of them customers of cloud storage company Snowflake. According to Canada’s Department of Justice, Alexander “Connor” Moucka (aka “Waifu” and “Judische”) was taken into custody on Wednesday at the request of the United States […]
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by GeekFeed. LastPass is a popular password […]
Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week’s Pwn2Own hacking competition within days. Midnight Blue security researcher Rick de Jager found the critical zero-click vulnerabilities (tracked together as CVE-2024-10443 and dubbed RISK:STATION) in the company’s Synology Photos and BeePhotos for BeeStation software. As Synology explains in security advisories published two days after the […]
The Dstat.cc DDoS review platform has been seized by law enforcement, and two suspects have been arrested after the service helped fuel distributed denial-of-service attacks for years. The seizure and arrests were conducted as part of “Operation PowerOFF,” an ongoing international law enforcement operation that targets DDoS-for-hire platforms, aka “booters” or “stressers,” to seize infrastructure and […]
Microsoft warned customers they might experience up to 30 minutes of black screens when logging into Azure Virtual Desktop (AVD) after installing the KB5040525 Windows 10 July 2024 preview update. Additional symptoms include single sign-on (SSO) failures (on Office applications such as Outlook and Teams) blocking connections to backend services or preventing data syncs and […]
The Housing Authority of the City of Los Angeles (HACLA), one of the largest public housing authorities in the United States, confirmed that a cyberattack hit its IT network after recent breach claims from the Cactus ransomware gang. HACLA provides affordable public housing and assistance programs to low-income families, children, and seniors in Los Angeles, […]
