[ad_1] Fortinet says unknown attackers exploited a patched FortiOS SSL-VPN vulnerability last month in attacks against government organizations and government-related targets. The security flaw (CVE-2022-42475) abused in these incidents is a heap-based buffer overflow weakness found in FortiOS SSLVPNd that…

[ad_1] A Canadian system administrator discovered that an Android TV box purchased from Amazon was preloaded with persistent and sophisticated malware embedded in its firmware. The malware was discovered by Daniel Milisic, who created a script and instructions to help…

[ad_1] Microsoft is testing a new diagnostic tool in Windows 11 that lets you create live kernel memory dumps without disrupting Windows operation. A dynamic kernel dump is a snapshot of kernel memory at dump time, which is then saved…

[ad_1] Hackers are actively exploiting a recently patched critical vulnerability in Control Web Panel (CWP), a server management tool formerly known as CentOS Web Panel. The security issue is identified as CVE-2022-44877 and received a critical severity score of 9.8…

[ad_1] A cyberattack on Royal Mail, the UK's largest mail delivery service, has been linked to the LockBit ransomware operation. Yesterday the Royal Mail revealed that they experienced a cyber incident which forced them to stop international shipping services. “Royal…

[ad_1] The operators of the StrRAT and Ratty remote access Trojans are launching a new campaign using polyglot MSI/JAR and CAB/JAR files to evade detection by security tools. The campaign was spotted by deep instinct, which reports that threat actors…

[ad_1] Microsoft notified customers today that Exchange Server 2013 will reach its Extended End of Support (EOS) date in 90 days on April 11, 2023. Exchange Server 2013 was released in January 2013 and has already reached the mainstream end…

[ad_1] Microsoft says Cuba ransomware threat actors are hacking Microsoft Exchange servers without patching against a critical Server-Side Request Forgery (SSRF) vulnerability also exploited in Play ransomware attacks. Cloud computing provider Rackspace recently confirmed that Play ransomware used a zero-day…

[ad_1] Cryptocurrency wallet provider MetaMask is warning users of a new scam called "Address Poisoning" used to trick users into sending funds to a scammer rather than an intended recipient. When MetaMask users send or receive cryptocurrency, it appears in…

[ad_1] Several call centers across Europe controlled by a criminal organization involved in online investment fraud were shut down this week following a cross-border investigation opened in June 2022. Law enforcement agencies in Bulgaria, Cyprus, Germany and Serbia found that…