[ad_1] Microsoft has patched an Azure Active Directory (Azure AD) authentication flaw that could allow threat actors to elevate privileges and potentially take full control of the target's account. This bad configuration (named nOAuth by the Descope security team who…
[ad_1] Staying ahead of threat actors is a game of cat and mouse, with attackers often having the upper hand. In 2023, LockBit was the most deployed ransomware variation across the world. And the year before, LockBit was known to…
[ad_1] Zyxel is warning users of its Network Attached Storage (NAS) devices to update their firmware to address a critically severe command injection vulnerability. The newly discovered vulnerability, CVE-2023-27992is a pre-authentication command injection issue that could allow an unauthenticated attacker…
[ad_1] Image: Bing Image Creator A threat group tracked as APT28 and linked to the Main Intelligence Directorate of the Russian General Staff (GRU) hacked Roundcube email servers belonging to several Ukrainian organizations, including government entities. In these attacks, the…
[ad_1] More than 101,000 ChatGPT user accounts have been stolen by info-stealing malware in the past year, according to dark web market data. Cyberintelligence firm Group-IB reports having identified more than a hundred thousand logs of information thieves on various…
[ad_1] Des Moines Public Schools, the largest school district in Iowa, today confirmed that a ransomware attack was behind an incident that caused it to take all networked systems offline on January 9, 2023. Although the school district also received…
[ad_1] A malware campaign uses fake OnlyFans content and adult decoys to install a remote access Trojan called "DcRAT", allowing threat actors to steal data and credentials or deploy ransomware on the infected device. OnlyFans is a content subscription service…
[ad_1] Malwarebytes has released a patch for a known issue breaking Google Chrome on customer systems after installing Windows 11 Cumulative Update 22H2 KB5027231 released last week. On Wednesday, the company confirmed user reports that the Google Chrome user interface…
[ad_1] ASUS has released new firmware with cumulative security updates that fix vulnerabilities in multiple router models, warning customers to update their devices immediately or restrict WAN access until they are secured. As the company explains, the newly released firmware…
[ad_1] Three Android apps on Google Play were used by state-sponsored hackers to collect intelligence from targeted devices, such as location data and contact lists. Malicious Android apps were discovered by Cyfirmewhich attributed the operation with medium confidence to the…
