Microsoft's patch for a 0-day exploited by Russian spies fell short. Another Windows flaw is under attack
Second try's a charm?
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Second try's a charm?
Second try's a charm? Microsoft and the US Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are exploiting a zero-click Windows flaw that can expose sensitive information on vulnerable systems.…
Russians, Chinese spies, run-of-the-mill crims … Come one, come all. Everyone from Russian and Chinese government goons to financially motivated miscreants is exploiting a long-since-patched WinRAR vuln to bring you infostealers and Remote Access Trojans (RATs).…
Single click on a phishing link in Google browser blew up sandbox on Windows Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability, seemingly used by snoops to target certain folks in Russia.…
But can you really take crims at their word? Supply chain integration vendor Cleo has urged its customers to upgrade three of its products after an October security update was circumvented, leading to widespread ransomware attacks that Russia-linked gang Cl0p has claimed are its evil work.…
The 'security issue' was caused by a 9.8-rated Magento flaw Adobe patched back in June Bad news for anyone who purchased a Cisco hoodie earlier this month: Suspected Russia-based attackers injected data-stealing JavaScript into the networking giant's online store selling Cisco-branded merch.…
Putin's pals use 'GooseEgg' malware to launch attacks you can defeat with patches or deletion Russian spies are exploiting a years-old Windows print spooler vulnerability and using a custom tool called GooseEgg to elevate privileges and steal credentials across compromised networks, according to Microsoft Threat Intelligence.…
Smells like Russian cyber spies (again) A vulnerability in Zimbra's software is being exploited right now by miscreants to compromise systems and attack selected government organizations, experts reckon.…
Patch flaws and enforce authentication policies, CISA and FBI warn State-sponsored threat actors from Russia over the last year breached a non-governmental organization (NGO) by leveraging multifactor authentication (MFA) defaults and exploiting the PrintNightmare vulnerability in Windows Print Spooler.…
As sanctioned Russian infosec firm says it has working exploit code Adobe has put out a warning about another critical security bug affecting its Magento/Adobe Commerce product – and IT pros need to install a second patch after an initial update earlier this week failed to fully plug the first one.…