Ransomware hiding in fake AI, business tools

Artificial intelligence AI and small business tools are being abused as smokescreens to hit unsuspecting victims with ransomware. In the masquerade campaigns discovered by Cisco Talos, cybercriminals hid malware behind software and install packages that mimicked the websites or names of the lead...

Fake ChatGPT and InVideo AI Downloads Deliver Ransomware

Cisco Talos uncovers CyberLock ransomware, LuckyGh0$t, and Numero malware masquerading as legitimate software and AI tool installers. Learn…...

New OBSCURE#BAT Malware Targets Users with Fake Captchas

OBSCUREBAT malware campaign exploits social engineering & fake software downloads to evade detection, steal data and persist on…...

Security Advisory EPM January 2025 for EPM 2024 and EPM 2022 SU6

Update Regarding Ivanti EPM Endpoint Manager Downloads As part of our ongoing efforts to enhance your experience and streamline our processes we have migrated the software downloads from the Ivanti Community to the Ivanti License System ILS. You will continue to use your current Ivanti Single...

Security Advisory EPM November 2024 for EPM 2024 and EPM 2022 SU6

Update Regarding Ivanti EPM Endpoint Manager Downloads As part of our ongoing efforts to enhance your experience and streamline our processes we have migrated the software downloads from the Ivanti Community to the Ivanti License System ILS. You will continue to use your current Ivanti Single...

Security Advisory EPM September 2024 for EPM 2024 and EPM 2022

Update Regarding Ivanti EPM Endpoint Manager Downloads As part of our ongoing efforts to enhance your experience and streamline our processes we have migrated the software downloads from the Ivanti Community to the Ivanti License System ILS. You will continue to use your current Ivanti Single...

SA40208 - [Pulse Secure] Single specific file content disclosure issue (CVE-2016-4788)

Ivanti 4th of March 2024 - This isn't an active SA and any new edits are part of an article maintenance project. An issue was discovered with the Pulse Connect Secure device that could allow an attacker to print out contents from a specific file. The file contents do not contain any configuration...

Googling for Software Downloads Is Extra Risky Right Now

Plus: The FTC cracks down on GoodRx, Microsoft boots “verified” phishing scammers, researchers disclose EV charger vulnerabilities, and more...

MCCrash: Cross-platform DDoS botnet targets private Minecraft servers

Malware operations continue to rapidly evolve as threat actors add new capabilities to existing botnets, increasingly targeting and recruiting new types of devices. Attackers update malware to target additional operating systems, ranging from PCs to IoT devices, growing their infrastructure...

KLA12291 DoS vulnerability in Apache Tomcat

A denial of service vulnerability was found in Apache Tomcat. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Apache Tomcat 8.5.x vulnerabilities Apache Tomcat 9.x vulnerabilities Apache Tomcat 10.0.x vulnerabilities Related products Apache-Tomcat CV...

Working Together to Manage Global Internet Traffic Increases

As businesses and consumers around the world adjust their routines amid the various COVID-19 restrictions, the internet is being used at a scale that the world has never experienced. In addition to millions of people who are now working from home, students all over the world are going online to...

KLA11679 Multiple vulnerabilities in Apache Tomcat

Multiple vulnerabilities were found in Apache Tomcat. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. HTTP request smuggling vulnerability can be exploited remotely to obtain sensitive...

Media Acceleration Enhances Online Experiences for OTT Video, Games and Software Downloads

Online audiences are growing and so are their expectations for the quality of experience. You know exactly what I mean if you've ever been frustrated with the rate at which a game is downloading or if your video stalls at the most inopportune time. Online streaming is no longer novel, it's the...

PostgreSQL 9.1.x < 9.1.24 / 9.2.x < 9.2.19 / 9.3.x < 9.3.15 / 9.4.x < 9.4.10 / 9.5.x < 9.5.5 Multiple Vulnerabilities

Binary data 9963.prm...

SOL32049025 - BIND vulnerability CVE-2016-6170

Vulnerability Recommended Actions If you are running a version listed in the Versions known to be vulnerable column, you can eliminate this vulnerability by upgrading to a version listed in the Versions known to be not vulnerable column. If the table lists only an older version than what you are...

openSUSE Security Update : MozillaFirefox (openSUSE-2015-548)

update to Firefox 40.0 bnc940806 - Added protection against unwanted software downloads - Suggested Tiles show sites of interest, based on categories from your recent browsing history - Hello allows adding a link to conversations to provide context on what the conversation will be about - New...

openSUSE: Security Advisory for MozillaFirefox (openSUSE-SU-2015:1390-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for MozillaFirefox (important)

update to Firefox 40.0 bnc940806 Added protection against unwanted software downloads Suggested Tiles show sites of interest, based on categories from your recent browsing history Hello allows adding a link to conversations to provide context on what the conversation will be about New style for...

SOL16915 - OpenSSL vulnerability CVE-2015-1792

For BIG-IP, Enterprise Manager, and BIG-IQ systems, the vulnerable code exists on the system; however, it is not used in the way that exposes the system to the vulnerability. While BIG-IP v12.0.0 ships with an OpenSSL version prior to 1.0.1n, the libraries necessary to fix the issue were merged...

SOL16010 - GNU C Library (glibc) vulnerability CVE-2014-7817

These versions of BIG-IP, BIG-IQ, and Enterprise Manager have a vulnerable version of glibc code. However, the risk level for this vulnerability is considered LOW because F5 product development has verified that the vulnerable code is NOT used in a way that would make an exploit possible. These...