Skip to content
information security Page 49

information security

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

Aug 10, 2024Ravie LakshmananBrowser Security / Online Fraud An ongoing, widespread malware campaign has been observed installing rogue Google Chrome and Microsoft Edge extensions via a trojan distributed via fake websites masquerading as popular software.… 

Read More »New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions
Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure

Aug 10, 2024Ravie LakshmananVulnerability / Enterprise Security Microsoft has disclosed an unpatched zero-day in Office that, if successfully exploited, could result in unauthorized disclosure of sensitive information to malicious actors. The vulnerability, tracked as CVE-2024-38200… 

Read More »Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure
Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers

Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers

Aug 09, 2024Ravie LakshmananCloud Security / Data Protection Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited, could result in serious consequences. “The impact of these vulnerabilities… 

Read More »Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE

Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE

Aug 09, 2024Ravie LakshmananVulnerability / Network Security Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE).… 

Read More »Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE
New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users

New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users

Aug 09, 2024Ravie LakshmananIoT Security / Wireless Security Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users. The vulnerabilities “led to an entire… 

Read More »New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users
DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs

DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs

Aug 09, 2024Ravie LakshmananNational Security / Identity Theft The U.S. Department of Justice (DoJ) on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a “laptop farm” to help get North Koreans remote… 

Read More »DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs
CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature

CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature

Aug 09, 2024Ravie LakshmananVulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install (SMI) feature with the aim of accessing sensitive… 

Read More »CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature
University Professors Targeted by North Korean Cyber Espionage Group

University Professors Targeted by North Korean Cyber Espionage Group

Aug 08, 2024Ravie LakshmananCyber Attack / Cyber Espionage The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes.… 

Read More »University Professors Targeted by North Korean Cyber Espionage Group