Skip to content
hacking news Page 192

hacking news

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

Dec 20, 2024Ravie LakshmananVulnerability / Cyber Attack A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as… 

Read More »Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List

CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List

Dec 20, 2024Ravie LakshmananCISA / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known… 

Read More »CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

Dec 19, 2024Ravie LakshmananSupply Chain / Software Security Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package… 

Read More »Thousands Download Malicious npm Libraries Impersonating Legitimate Tools
Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords

Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords

Dec 19, 2024Ravie LakshmananMalware / Botnet Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware. The… 

Read More »Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords
Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits

Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits

Dec 19, 2024Ravie LakshmananVulnerability / Network Security Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information. The vulnerability, tracked as… 

Read More »Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01

CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01

Dec 19, 2024Ravie LakshmananCloud Security / Encryption The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure… 

Read More »CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01
Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

Dec 19, 2024Ravie LakshmananPrivacy / Data Protection The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix €4.75 million ($4.93 million) for not giving consumers enough information about how it used… 

Read More »Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency
UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App

UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App

Dec 19, 2024Ravie LakshmananDisinformation / Malware The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the… 

Read More »UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App
HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft

HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft

Dec 18, 2024Ravie LakshmananEmail Security / Cloud Security Cybersecurity researchers have disclosed a new phishing campaign that has targeted European companies with an aim to harvest account credentials and take control of the victims’ Microsoft… 

Read More »HubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential Theft