Skip to main content

BleepingComputer.com

"Microsoft Edge, Teams get fixes for zero-day in open-source libraries."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 03 October 2023, 1504 UTC.  Content provided by "BleepingComputer.com."

Source: https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

Microsoft Edge, Teams get fixes for zero-days in open-source libraries

  • Microsoft released emergency security updates for Edge, Teams, and Skype to patch two zero-day vulnerabilities in open-source libraries used by the three products.

  • Microsoft 365
     
    SECURITY

EvilProxy uses indeed.com open redirect for Microsoft 365 phishing

  • A recently uncovered phishing campaign is targeting Microsoft 365 accounts of key executives in U.S.-based organizations by abusing open redirects from the Indeed employment website for job listings.

  • Tor Browsers
     
    SECURITY, SOFTWARE

Microsoft Defender no longer flags Tor Browser as malware

  • For Windows users who frequently use the TorBrowser, there's been a pressing concern. Recent versions of the TorBrowser, specifically because of the tor.exe file it contained, were being flagged as potential threats by Windows Defender.

  • Exim
     
    SECURITY

Exim patches three of six zero-day bugs disclosed last week

  • Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro's Zero Day Initiative (ZDI), one of them allowing unauthenticated attackers to gain remote code execution.

  • Bunny
     
    SECURITY

New BunnyLoader threat emerges as a feature-rich malware-as-a-service

  • Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard.

  • Hacker Screens
     
    SECURITY

Ransomware gangs now exploiting critical TeamCity RCE flaw

  • Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains' TeamCity continuous integration and deployment server.

  • Hacker
     
    SECURITY

Exploit available for critical WS_FTP bug exploited in attacks

  • Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity remote code execution vulnerability in Progress Software's WS_FTP Server file sharing platform.

  • Arm
     
    SECURITY, MOBILE

Arm warns of Mali GPU flaws likely exploited in targeted attacks

  • Arm in a security advisory today is warning of an actively exploited vulnerability affecting the widely-used Mali GPU drivers.

  • Motel One
     
    SECURITY

Motel One discloses data breach following ransomware attack

  • The Motel One Group has announced that it has been targeted by ransomware actors who managed to steal some customer data, including the details of 150 credit cards.

  • Hacker phone scam
     
    SECURITY

FBI warns of surge in 'phantom hacker' scams impacting elderly

  • The FBI issued a public service announcement warning of a significant increase in 'phantom hacker' scams targeting senior citizens across the United States.

  • Amazon Prime
     
    SECURITY, TECHNOLOGY

Amazon sends Mastercard, Google Play gift card order emails by mistake

  • Amazon mistakenly sent out purchase confirmation emails for Hotels.com, Google Play, and Mastercard gift cards to customers, making many worried their accounts were compromised.

  • Hacker
     
    SECURITY

Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang

  • The LostTrust ransomware operation is believed to be a rebrand of MetaEncryptor, utilizing almost identical data leak sites and encryptors.

  • Key Decryptor Unlock
     
    SECURITY

New Marvin attack revives 25-year-old decryption flaw in RSA

  • A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been resolved still impacts several widely-used projects today.

  • Cloudflare
     
    SECURITY

Cloudflare DDoS protections ironically bypassed using Cloudflare

  • Cloudflare's Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security controls.

  • Outlook
     
    MICROSOFT

Microsoft fixes Outlook prompts to reopen closed windows

  • Microsoft has resolved a known issue that caused Outlook Desktop to unexpectedly prompt users to reopen previously closed windows.

  • Dark Angel datacenter
     
    SECURITY

The Week in Ransomware - September 29th 2023 - Dark Angels

  • This week has been a busy ransomware week, with ransomware attacks having a massive impact on organizations and the fallout of the MOVEit breaches to be disclosed.

  • Exim
     
    SECURITY

Millions of Exim mail servers exposed to zero-day RCE attacks

  • A critical zero-day vulnerability in all versions of Exim mail transfer agent (MTA) software can let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers.

VIEW MORE

Labels:

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

Cyber War News Today.

"International Defence Cooperation:  A key to regional stability." Views expressed in this cybersecurity, cyber espionage, and cyber crime update are those of the reporters and correspondents.  Accessed on 15 December 2024, 0134 UTC. Content and Source:   https://cyberwar.einnews.com/news/cyber-war-news?n=2&code=FA9GNesSTpp2rjO1&utm_source=NewsletterNews&utm_medium=email&utm_campaign=Cyber+War+News&utm_content=navig Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Cyber War News Monitoring Get by    Email    •     RSS Published on  Dec 13, 2024 The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 13.3% WILMINGTON, DE, UNITED STATES, December 13, 2024 /⁨EINPresswire.com⁩/ -- According to the report, The Cyber Warfare Market Size Reach USD 127.1 Billion by 2032 Exhibiting CAGR at 1...
Post a Comment
Read more

The Cyberwire Daily Briefing

"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deplo...
Post a Comment
Read more

SecurityWeek Briefing

"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controvers...
Post a Comment
Read more