Skip to content
cyber security news today Page 13

cyber security news today

A Comprehensive Guide to Finding Service Accounts in Active Directory

A Comprehensive Guide to Finding Service Accounts in Active Directory

Oct 22, 2024Ravie LakshmananIdentity Management / Security Automation Service accounts are vital in any enterprise, running automated processes like managing applications or scripts. However, without proper monitoring, they can pose a significant security risk due… 

Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies

Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies

Oct 22, 2024Ravie LakshmananMalware / Threat Intelligence Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus,… 

Malicious npm Packages Target Developers’ Ethereum Wallets with SSH Backdoor

Malicious npm Packages Target Developers’ Ethereum Wallets with SSH Backdoor

Oct 22, 2024Ravie LakshmananVulnerability / Supply Chain Cybersecurity researchers have discovered a number of suspicious packages published to the npm registry that are designed to harvest Ethereum private keys and gain remote access to the… 

VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability

Oct 22, 2024Ravie LakshmananVulnerability / Enterprise Security VMware has released software updates to address an already patched security flaw in vCenter Server that could pave the way for remote code execution. The vulnerability, tracked as… 

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack

CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack

Oct 22, 2024Ravie LakshmananVulnerability / Cyber Threat The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of… 

Guide:  The Ultimate Pentest Checklist for Full-Stack Security

Guide:  The Ultimate Pentest Checklist for Full-Stack Security

Oct 21, 2024The Hacker NewsPenetration Testing / API Security Pentest Checklists Are More Important Than Ever Given the expanding attack surface coupled with the increasing sophistication of attacker tactics and techniques, penetration testing checklists have… 

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers

Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers

Oct 21, 2024Ravie LakshmananEncryption / Data Protection Cybersecurity researchers have discovered severe cryptographic issues in various end-to-end encrypted (E2EE) cloud storage platforms that could be exploited to leak sensitive data. “The vulnerabilities range in severity:… 

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

Hackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login Credentials

Oct 20, 2024Ravie LakshmananVulnerability / Email Security Unknown threat actors have been observed attempting to exploit a now-patched security flaw in the open-source Roundcube webmail software as part of a phishing attack designed to steal…