Bleeping Computer
SolarWinds Web Help Desk flaw is now exploited in attacks
CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late August 2024. [...]
Kategorie: Hacking & Security
US disrupts Anonymous Sudan DDoS operation, indicts 2 Sudanese brothers
The United States Department of Justice unsealed an indictment today against two Sudanese brothers suspected of being the operators of Anonymous Sudan, a notorious and dangerous hacktivist group known for conducting over 35,000 DDoS attacks in a year. [...]
Kategorie: Hacking & Security
Critical Kubernetes Image Builder flaw gives SSH root access to VMs
A critical vulnerability in Kubernetes could allow unauthorized SSH access to a virtual machine running an image created with the Kubernetes Image Builder project. [...]
Kategorie: Hacking & Security
Understand these seven password attacks and how to stop them
Hackers are always looking for new ways to crack passwords and gain access to your organization's data and systems. In this post, Specops Software discusses the seven most common password attacks and provide tips on how to defend against them. [...]
Kategorie: Hacking & Security
Malicious ads exploited Internet Explorer zero day to drop malware
The North Korean hacking group ScarCruft launched a large-scale attack in May that leveraged an Internet Explorer zero-day flaw to infect targets with the RokRAT malware and exfiltrate data. [...]
Kategorie: Hacking & Security
Amazon says 175 million customers now use passkeys to log in
Amazon has seen massive adoption of passkeys since the company quietly rolled them out a year ago, announcing today that over 175 million customers use the security feature. [...]
Kategorie: Hacking & Security
Amazon says 175 million customer now use passkeys to log in
Amazon has seen massive adoption of passkeys since the company quietly rolled them out a year ago, announcing today that over 175 million customers use the security feature. [...]
Kategorie: Hacking & Security
Finland seizes servers of 'Sipultie' dark web drugs market
The Finnish Customs office took down the website and seized the servers for the darknet marketplace 'Sipulitie' where criminals sold illegal narcotics anonymously. [...]
Kategorie: Hacking & Security
EDRSilencer red team tool used in attacks to bypass security
A tool for red-team operations called EDRSilencer has been observed in malicious incidents attempting to identify security tools and mute their alerts to management consoles. [...]
Kategorie: Hacking & Security
New FIDO proposal lets you securely move passkeys across platforms
The Fast IDentity Online (FIDO) Alliance has published a working draft of a new specification that aims to enable the secure transfer of passkeys between different providers. [...]
Kategorie: Hacking & Security
Over 200 malicious apps on Google Play downloaded millions of times
Google Play, the official store for Android, distributed over a period of one year more than 200 malicious applications, which cumulatively counted nearly eight million downloads. [...]
Kategorie: Hacking & Security
Cisco investigates breach after stolen data for sale on hacking forum
Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. [...]
Kategorie: Hacking & Security