FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million

The ransomware strain known as BlackSuit has demanded as much as $500 million in ransoms to date, with one individual ransom demand hitting $60 million. That's according to an updated advisory from the U.S. Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of...

CVE-2024-28186 SMTP Mail Credentials Disclosed in Error Log in freescout

FreeScout is an open source help desk and shared inbox built with PHP. A vulnerability has been identified in the Free Scout Application, which exposes SMTP server credentials used by an organization in the application to users of the application. This issue arises from the application storing...

Widespread credential phishing campaign abuses open redirector links

Microsoft has been actively tracking a widespread credential phishing campaign using open redirector links. Attackers combine these links with social engineering baits that impersonate well-known productivity tools and services to lure users into clicking. Doing so leads to a series of...

Tableau Server users open redirection vulnerability

Tableau Server is a set of file hosting servers. The product is used to manage and share data visualizations, interactive dashboards, workbooks and reports created by Tableau Desktop data visualization software. A security vulnerability exists in Tableau users that stems from the server's inabili...

Fiserv Forgets to Buy Domain It Used as System Default

Fiserv, a multi-billion-dollar cybersecurity tech provider for financial institutions, forgot to buy the domain used as a default in their systems’ email communications, according to a report. The blunder could have exposed its clients’ user information to anyone with a few bucks to buy the domai...

Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails

Microsoft Corp. today released software updates to plug four security holes that attackers have been using to plunder email communications at companies that use its Exchange Server products. The company says all four flaws are being actively exploited as part of a complex attack chain deployed by...

Microsoft Outlook CVE-2013-3905 Information Disclosure Vulnerability

Description Microsoft Outlook is prone to an information-disclosure vulnerability. Attackers can exploit this issue to gain access to potentially sensitive information that may aid in further attacks. Technologies Affected Microsoft Outlook 2007 Service Pack 3 Microsoft Outlook 2010 32-bit editio...

Manage Engine Exchange Reporter 4.1 Cross Site Scripting

Exploit for php platform in category local exploits Manage Engine Exchange Reporter v4.1 - Multiple Web Vulnerabilites Introduction: ============= Microsoft Exchange Server is, by a distance, the most popular communication, collaboration and email messaging application today! MS Exchange serves a...

Informant Says Hacks, Threats Followed Release Of Occupy Wall Street E-Mail

Thomas Ryan, the independent security consultant who released a trove of e-mail communications from the Occupy Wall Street protesters, said he has been the target of numerous hacks and has received death threats after revealing information on the protestors plans to authorities. In a conversation...