Information Security newsfeeds from around the world in English and French. Find it all in one place since 2004. You'll find online the last 5 years.
The new ransomware group, LockBit, is targeting the VMware ESXi servers or virtual machines with their new Linux encryptor that is dubbed as “LockBit Linux-ESXi Locker version 1.0.” Nowadays, companies and organizations are shifting their mode to cloud computing and virtual machines since they are easy to access and handle. While this mode of computing […]
Continue ReadingOn January 18, opensubtitles.org, one of the largest subtitles websites, faced a data breach. OpenSubtitles posted on their forum that they were contacted by a hacker on telegram in August 2021. It seems like the hacker was able to breach their server and get sensitive information. As every cybercriminal does, the hacker also asked for […]
Continue ReadingIn a recent ongoing Emotet malware campaign, it has been identified that the threat actors behind this malicious campaign are using the unconventional IP address formats for the first time to confuse and deceive the security solutions. Here the threat actors have used hexadecimal and octal representations of the IP address. They use this to […]
Continue ReadingKaspersky Lab experts have recently discovered a security vulnerability in UEFI firmware, and this vulnerability was detected while studying the Firmware Scanner logs at the end of 2021. During the further analysis, they found that the threat actors had modified one of the components in the firmware image that enabled the attackers to change the […]
Continue ReadingMicrosoft for Windows 10 and Windows 11 has recently listed 25 dead administrative templates (ADMX) policies in which Microsoft has clearly notified the IT Professionals to stop utilizing them. At Microsoft, a program manager on the Windows updates team has affirmed that all the policies that were listed are ineffective and they have been replaced […]
Continue ReadingCisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software had multiple vulnerabilities which could allow an unauthenticated attacker to execute arbitrary commands or disclose sensitive information with “root” privileges. These vulnerabilities were found during Internal Security Testing. It seems that there was no workaround for these vulnerabilities. Cisco’s PSIRT claims that no public announcement has […]
Continue ReadingThe cybercriminals are actively abusing the Telegram messenger for setting up underground channels and selling stolen financial details on them and also executing their other illicit activities as well. Why are threat actors abusing Telegram instant messaging service? They did so due to its features and user base, as Telegram has an active user base […]
Continue ReadingA new critical vulnerability has been fixed that was detected in Zoho’s Desktop Central and Desktop Central MSP; this security flaw allows an attacker to bypass the authentication and remotely perform malicious actions on the compromised server. The flaws have been tracked as “CVE-2021-44757,” an authentication bypass vulnerability, and have been fixed in the latest […]
Continue ReadingThe cybersecurity researchers at Microsoft have recently reported that on the websites of some Ukrainian organizations and government agencies, hackers are constantly attacking with malicious software and malware. It has been noted that the malicious software used looks like ransomware, but without a ransom mechanism. In short, it is used by the attackers to disrupt […]
Continue ReadingRecently it has been reported that a critical vulnerability has been detected in the Unified Contact Center Enterprise (UCCE) portfolio of Cisco. By exploiting this critical security flaw a hacker can easily get privilege-escalation and platform takeover through which could access the telephone queues remotely. This critical vulnerability is tracked as CVE-2022-20658, and it has […]
Continue Reading