After a security researcher published the PoC exploit code targeting a critical vCenter RCE vulnerability, attackers are now actively scanning for vulnerable Internet-exposed VMware servers.
Worryingly, more than nine in 10 (93%) of those organizations that experienced attacks in this period admitted that at least one was successful, according to a new study by Bridewell Consulting.
A variant of Masslogger Trojan is being used by criminals to steal Microsoft Outlook, Google Chrome, and Messenger account credentials.
An automated TDoS attack makes use of VoIP software and Session Initiation Protocol (SIP) to make tens or hundreds of calls, simultaneously or in rapid succession to jam targeted services.
Researchers discovered two pieces of malware in a span of two weeks that appear to run natively on Apple’s recently introduced M1 System-on-Chip (SoC).
Security researchers at Detectify have discovered a series of middleware misconfigurations in Nginx config files from GitHub that could leave web applications vulnerable to attack.
Kasablanca, a hacker group, has targeted cyberattacks on at least six well-known Bangladeshi financial and government organizations, says the e-Government Computer Incident Response Team (e-Gov CIRT).
One of the worst hacks yet discovered had an impact on all four. SolarWinds and Microsoft programs were used to attack others and the hack struck at about 100 U.S. companies and nine federal agencies.
MalwareBytes reported a newly discovered threat group named LazyScripter targeting the International Air Transport Association (IATA) members, airlines, and refugees to Canada.
The feature is included in the web browser’s latest release — alongside multiple picture-in-picture views — and essentially works by keeping cookies isolated between each site you visit.