Lucene search
K

773 matches found

Openbugbounty
Openbugbounty
added 2024/04/08 7:23 a.m.6 views

lanziserocreative.com Cross Site Scripting vulnerability OBB-3907978

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2024/03/29 11:3 a.m.12 views

Lessons from a Ransomware Attack against the British Library

You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything but...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/28 4:50 p.m.41 views

Finland Blames Chinese Hacking Group APT31 for Parliament Cyber Attack

The Police of Finland aka Poliisi has formally accused a Chinese nation-state actor tracked as APT31 for orchestrating a cyber attack targeting the country's Parliament in 2020. The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021. The agency described the...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/22 11:28 a.m.58 views

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

A China-linked threat cluster leveraged security flaws in Connectwise ScreenConnect and F5 BIG-IP software to deliver custom malware capable of delivering additional backdoors on compromised Linux hosts as part of an "aggressive" campaign. Google-owned Mandiant is tracking the activity under its...

10CVSS9.3AI score0.99999EPSS
Exploits48
The Hacker News
The Hacker News
added 2024/03/21 4:3 p.m.30 views

Russia Hackers Using TinyTurla-NG to Breach European NGO's Systems

The Russia-linked threat actor known as Turla infected several systems belonging to an unnamed European non-governmental organization NGO in order to deploy a backdoor called TinyTurla-NG TTNG. "The attackers compromised the first system, established persistence and added exclusions to antivirus...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/19 9:59 a.m.45 views

Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices

A new variant of a data wiping malware called AcidRain has been detected in the wild that's specifically designed for targeting Linux x86 devices. The malware, dubbed AcidPour, is compiled for Linux x86 devices, SentinelOne's Juan Andres Guerrero-Saade said in a series of posts on X. "The new...

7.3AI score
Exploits0
Talos Blog
Talos Blog
added 2024/03/14 6:0 p.m.34 views

Not everything has to be a massive, global cyber attack

Some of my Webex rooms recently have been blowing up with memes about blaming Canada or wild speculation that a state-sponsored actor is carrying out some sort of major campaign. After a widespread outage of cellular service with AT&T and other carriers a few weeks ago, people were sure it was so...

6.8AI score0.01231EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/03/14 4:21 a.m.100 views

Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. "An improper neutralization of special elements used in an SQL Command 'SQL Injection' vulnerability CWE-89 in FortiClientEMS may allow a...

9.8CVSS9.8AI score0.97591EPSS
Exploits4
Malwarebytes
Malwarebytes
added 2024/03/13 6:52 p.m.22 views

ThreatDown achieves perfect score in latest AVLab assessment

ThreatDown has once again earned a perfect score in AVLabs January 2024 real-world malware detection tests, marking the eleventh consecutive quarter in achieving this feat. Let’s delve into the details of the test and how ThreatDown outperformed competitors in exhaustive testing. The AVLab...

7.1AI score
Exploits0
HackRead
HackRead
added 2024/03/12 12:12 p.m.15 views

Leicester City Council’s IT System and Phones Down Amid Cyber Attack

By Waqas Another day, another cyber attack on a local council in England! This is a post from HackRead.com Read the original post: Leicester City Councils IT System and Phones Down Amid Cyber Attack...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/09 4:1 a.m.48 views

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

Microsoft on Friday revealed that the Kremlin-backed threat actor known as Midnight Blizzard aka APT29 or Cozy Bear managed to gain access to some of its source code repositories and internal systems following a hack that came to light in January 2024. "In recent weeks, we have seen evidence that...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/08 7:48 a.m.28 views

QEMU Emulator Exploited as Tunneling Tool to Breach Company Network

Threat actors have been observed leveraging the QEMU open-source hardware emulator as tunneling software during a cyber attack targeting an unnamed "large company" to connect to their infrastructure. While a number of legitimate tunneling tools like Chisel, FRP, ligolo, ngrok, and Plink have been...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/03/06 7:1 a.m.56 views

New APT Group 'Lotus Bane' Behind Recent Attacks on Vietnam's Financial Entities

A financial entity in Vietnam was the target of a previously undocumented threat actor called Lotus Bane as part of a cyber attack that was first detected in March 2023. Singapore-headquartered Group-IB described the hacking outfit as an advanced persistent threat group that's believed to have be...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/24 11:49 a.m.30 views

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable th...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/14 2:39 p.m.37 views

Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks

Nation-state actors associated with Russia, North Korea, Iran, and China are experimenting with artificial intelligence AI and large language models LLMs to complement their ongoing cyber attack operations. The findings come from a report published by Microsoft in collaboration with OpenAI, both ...

7AI score
Exploits0
hivepro
hivepro
added 2024/02/07 11:18 a.m.15 views

Ukraine Hit by Cyber Attack 2,000+ Computers Infected by DIRTYMOE

Summary: The UAC-0027 group executed a sophisticated cyber attack against Ukrainian organizations. Their weapon of choice was the notorious DIRTYMOE PURPLEFOX malware. This modular malware has been active for over half a decade and poses a serious threat. Threat Level - Amber | Attack Report For ...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/02/03 2:55 a.m.87 views

AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset

Remote desktop software maker AnyDesk disclosed on Friday that it suffered a cyber attack that led to a compromise of its production systems. The German company said the incident, which it discovered following a security audit, is not a ransomware attack and that it has notified relevant...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2024/01/26 6:3 a.m.48 views

Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs

Microsoft on Thursday said the Russian state-sponsored threat actors responsible for a cyber attack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them. The development comes a day after Hewlett Packard Enterprise HPE...

7.3AI score
Exploits0
CNNVD
CNNVD
added 2024/01/23 12:0 a.m.4 views

Hitron Systems DVR Security Vulnerability

Hitron Systems DVR is a digital video recorder from Hitron Systems, a South Korean company. A security vulnerability exists in Hitron Systems DVR LGUVR-4H versions 1.02 through 4.02, which stems from incorrect input validation. An attacker could exploit the vulnerability to trigger a cyber attack...

7.5CVSS6.7AI score0.00496EPSS
Exploits0References2
HackRead
HackRead
added 2024/01/15 5:23 p.m.15 views

British Cosmetics Retailer Lush Investigating Cyber Attack

By Waqas From Bubbles to Bytes: Lush investigates 'cyber incident' without giving any substantial information to customers. This is a post from HackRead.com Read the original post: British Cosmetics Retailer Lush Investigating Cyber Attack...

7AI score
Exploits0
Rows per page
Query Builder