Tracked as CVE-2021-21999 and featuring a CVSS score of 7.8, the issue is a local privilege escalation that requires for an attacker to have normal access to a VM for successful exploitation.
The investment from Silver Lake comes in the form of convertible notes and Splunk says it plans on using the money to “fund growth initiatives and manage its capital structure.”
Workforce says it learned of the breach on April 13, 2021, and ‘immediately took steps to secure the network.’ Workforce West Virginia reports that files were not downloaded, extracted or manipulated.
It was led by Prefix Capital and ForgePoint Capital, with participation from Accenture Ventures and individual investors Tom Gonser, Omkhar Arasarathnam, Bob Gleichauf, David Tsao, and Sameer Sait.
A new phishing campaign that counterfeits an Outlook Security update email is luring employees to open a New Policy PDF to harvest their Office 365 credentials. There is a dire need for a continuously evolving security strategy which also highlights the importance of having multiple layers of security for robust protection.
Starslord loader has been reported active again with its target in the U.K and Italy. The malware creator is regularly changing the first stage script, while the main module largely remains the same. sLoad is a potential threat; it is important that organizations take this threat more seriously and apply adequate security measures.
Cybercriminals are fooling Windows users under the guise of a COVID-19 vaccination registration to infect their machines with a new version of the Agent Tesla RAT. It indicates that existing vaccination campaigns and COVID-19 are being exploited by cybercriminals, and users need to stay alert while receiving emails from unknown senders.
This type of attack may lead to dire consequences and may be used in both poisoning scenarios by subverting computer vision algorithms and evasion scenarios like making stealth deepfakes.
Recent arrests of Cl0p members were seen as a victory against the gang that has hit dozens of victims, including U.S. bank Flagstar, law firm Jonesday, Shell, and some universities in the U.S.
Researchers disclosed a critical vulnerability affecting Pling-based FOSS marketplaces for Linux platform that could be abused to stage supply-chain attacks and achieve remote code execution.