cybersecurity
ADT confirms data breach after customer info leaked on hacking forum
American building security giant ADT confirmed it suffered a data breach after threat actors leaked allegedly stolen customer data on a popular hacking forum. ADT is a public American company that specializes in security and smart home solutions for residential and small business customers. The firm employs 14,300 people, has an annual revenue of $4.98 […]
Most companies are afraid of unseen cybersecurity threats
Companies are afraid of the threat posed by unknown threat actors and exploits, according to research from security monitoring specialist Critical Start, which said that, by and large, administrators are more afraid of what they don’t know than flaws and attacks that are already public. The study, which polled some 1,000 cybersecurity professionals across various […]
New Specula tool uses Outlook for remote code execution in Windows
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named “Specula,” released today by cybersecurity firm TrustedSec. This C2 framework works by creating a custom Outlook Home Page using WebView by exploiting CVE-2017-11774, an Outlook security feature bypass vulnerability patched in October 2017. “In […]
1 million HotJar users vulnerable to XSS attacks
By combining OAuth features with an age-old cross-site scripting (XSS) vulnerability, Salt Labs researchers were able to take over any account in HotJar and Business Insider online services. Because HotJar serves more than 1 million websites, including, Adobe, Microsoft, T-Mobile, and Nintendo, security pros considered the issue serious, even though many protections were layered into […]
Spain arrests three in pro-Russian DDoS crew takedown
Officials in Spain arrested three people as part of a takedown of a pro-Russia hacktivist group. The nation’s Ministry of Interior announced that three residents from different parts of the country were taken into custody for their alleged involvement in hacktivist crew NoName057(16). The three were not named and charges were not announced. The ministry […]
New Play ransomware Linux version targets VMware ESXi VMs
Play ransomware is the latest ransomware gang to start deploying a dedicated Linux locker for encrypting VMware ESXi virtual machines. Cybersecurity company Trend Micro, whose analysts spotted the new ransomware variant, says the locker is designed to first check whether it’s running in an ESXi environment before executing and that it can evade detection on […]
UK arrests suspected Scattered Spider hacker linked to MGM attack
UK police have arrested a 17-year-old boy suspected of being involved in the 2023 MGM Resorts ransomware attack and a member of the Scattered Spider hacking collective. “We have arrested a 17-year-old boy from Walsall in connection with a global cyber online crime group which has been targeting large organisations with ransomware and gaining access to […]
Critical Cisco bug lets hackers add root users on SEG devices
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments. Tracked as CVE-2024-20401, this arbitrary file write security flaw in the SEG content scanning and message filtering features is caused by an absolute path traversal weakness […]
CrowdStrike update crashes Windows systems, causes outages worldwide
A faulty component in the latest CrowdStrike Falcon update is crashing Windows systems, impacting various organizations and services across the world, including airports, TV stations, and hospitals. The glitch is affecting Windows workstations and servers, with users reporting massive outages that took offline entire companies and fleets of hundreds of thousands of computers. According to […]
VMware, Adobe bugs exploited in active attacks as Cisco warns of critical ‘10.0’ flaw
VMware, SolarWinds and Adobe users are being warned that vulnerabilities found in each of the products are under active attack. On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Impacted products include Adobe Commerce (CVE-2024-34102), SolarWinds Serv-U (CVE-2024-28995) and VMware vCenter Server (CVE-2022-22948) CISA’s warning […]