Skip to content
information security Page 21

information security

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Nov 13, 2024Ravie LakshmananVulnerability / Patch Tuesday Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities… 

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

Nov 12, 2024Ravie LakshmananVirtualization / Vulnerability Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from… 

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

Nov 12, 2024Ravie LakshmananEmail Security / Threat Intelligence Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program,… 

5 Ways Behavioral Analytics is Revolutionizing Incident Response

5 Ways Behavioral Analytics is Revolutionizing Incident Response

Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response… 

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. “Ymir ransomware introduces a unique combination of… 

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04

Nov 11, 2024Ravie LakshmananCybersecurity / Hacking News ⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds… 

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

Nov 11, 2024Ravie LakshmananMalware / SEO Poisoning In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. “In this case, we found the… 

Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

Nov 11, 2024Ravie LakshmananMachine Learning / Vulnerability Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side,…