CISA adds 66 vulnerabilities to list of bugs exploited in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a massive set of 66 actively exploited vulnerabilities to its catalog of 'Known Exploited Vulnerabilities.' [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
The Cybersecurity and Infrastructure Security Agency (CISA) has added a massive set of 66 actively exploited vulnerabilities to its catalog of 'Known Exploited Vulnerabilities.' [...]
Western Digital has fixed a critical severity vulnerability in the Samba vfs_fruit VFS module that enabled attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices. [...]
Western Digital has fixed a critical severity vulnerability in the Samba vfs_fruit VFS module that enabled attackers to gain remote code execution with root privileges on unpatched My Cloud OS 5 devices. [...]
The Federal Communications Commission (FCC) added Russian cybersecurity firm Kaspersky to its Covered List, saying it poses unacceptable risks to U.S. national security. [...]
With the US providing military aid to Ukraine and its sanctions damaging the Russian economy, the US government disclosed this week that there is intelligence that Russia is preparing for potential cyberattacks against US interests. [...]
Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug exploited in the wild. [...]
Threat analysts report having spotted a change in the operations of the Muhstik threat group, which has now switched to actively exploiting a Lua sandbox escape flaw in Redis. [...]
The cybercrime group behind the development of the Racoon Stealer password-stealing malware has suspended its operation after claiming that one of its developers died in the invasion of Ukraine. [...]
Maksim Berezan, an Estonian man linked to multimillion-dollar ransomware attacks, was sentenced on Friday to 66 months in prison for his involvement in online fraud schemes. [...]
Bug bounty platform HackerOne disabled Kaspersky's bug bounty program on Friday following sanctions imposed on Russia and Belarus after the invasion of Ukraine. [...]
A set of flaws affecting the world's leading messaging and email platforms, including Instagram, iMessage, WhatsApp, Signal, and Facebook Messenger, has allowed threat actors to create legitimate-looking phishing URLs for the past three years. [...]
Microsoft says Windows 7 recovery discs created using the Control Panel Backup and Restore app will fail to start after installing Windows updates released since January 11, 2022. [...]
Researchers have disclosed a 'replay attack' vulnerability affecting select Honda and Acura car models, that allows a nearby hacker to unlock and start your car wirelessly. Honda has no plans to fix the issue in older models at this time. [...]
Modern phishing kits sold on cybercrime forums as off-the-shelve packages feature multiple and sophisticated detection avoidance and traffic filtering systems to ensure that internet security solutions won't mark them as a threat. [...]
Morgan Stanley Wealth Management, the wealth and asset management division of Morgan Stanley, says some of its customers had their accounts compromised following vishing attacks. [...]
The U.S. has indicted four Russian government employees for their involvement in hacking campaigns targeting hundreds of companies and organizations from the global energy sector between 2012 and 2018. [...]
Western Digital has released new My Cloud OS firmware to fix a vulnerability exploited by bug hunters during the Pwn2Own 2021 hacking competition to achieve remote code execution. [...]
As Lapsus$ data extortion gang announced that several of its members are taking a vacation, the City of London Police say they have arrested seven individuals connected to the gang. [...]
Researchers report a new version of the JSSLoader remote access trojan being distributed malicious Microsoft Excel addins. [...]
The independent communications authority of South Africa (ICASA) has submitted a radical proposal to tackle the problem of SIM swapping attacks in the country, suggesting that local service providers should keep biometric data of cellphone number owners. [...]