Aggregator

⚡ Weekly Recap: Proxy Botnet, Office Zero-Day, MongoDB Ransoms, AI Hijacks & New Threats

The Hackers News
3 months 2 weeks ago
Every week brings new discoveries, attacks, and defenses that shape the state of cybersecurity. Some threats are stopped quickly, while others go unseen until they cause real damage. Sometimes a single update, exploit, or mistake changes how we think about risk and protection. Every incident shows how defenders adapt — and how fast attackers try to stay ahead. This week’s recap brings you the
The Hacker News

Securing the Mid-Market Across the Complete Threat Lifecycle

The Hackers News
3 months 2 weeks ago
For mid-market organizations, cybersecurity is a constant balancing act. Proactive, preventative security measures are essential to protect an expanding attack surface. Combined with effective protection that blocks threats, they play a critical role in stopping cyberattacks before damage is done. The challenge is that many security tools add complexity and cost that most mid-market businesses
The Hacker News

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82

Security Affairs
3 months 2 weeks ago
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter KONNI Adopts AI to Generate PowerShell Backdoors   Who Operates the Badbox 2.0 Botnet? Weaponized in China, Deployed in India: The SyncFuture Espionage Targeted Campaign Android Trojan Campaign Uses Hugging Face Hosting for RAT Payload […]
Pierluigi Paganini

Microsoft sets a path to switch off NTLM across Windows

Help Net Security
3 months 2 weeks ago

Windows is shifting to a more secure authentication approach, moving away from New Technology LAN Manager (NTLM) and toward stronger, Kerberos-based options. NTLM has been part of Windows for decades and continues to appear in some environments, particularly where legacy systems and older applications are present. Security threats have changed over time, and security expectations have risen with them. Today, NTLM’s weaker cryptography leaves it open to attacks such as replay attacks and man-in-the-middle attacks. … More →

The post Microsoft sets a path to switch off NTLM across Windows appeared first on Help Net Security.

Sinisa Markovic

Nation-state hack exploited hosting infrastructure to hijack Notepad++ updates

Security Affairs
3 months 2 weeks ago
Notepad++ maintainer says nation-state attackers hijacked the app’s update system by redirecting traffic at the hosting provider level. The Notepad++ maintainer revealed that nation-state hackers compromised the hosting provider’s infrastructure, redirecting update traffic to malicious servers. The attack did not exploit flaws in Notepad++ code but intercepted updates before they reached users. “According to the […]
Pierluigi Paganini

CVE-2023-42520 | WithSecure Client Security Scanning Engine denial of service (EUVD-2023-46953)

Vuldb Updates
3 months 2 weeks ago
A vulnerability was found in WithSecure Client Security, Server Security, Email and Server Security, Elements Endpoint Protection, Client Security for Mac, Linux Security, Linux Protection and Atlant. It has been declared as problematic. Impacted is an unknown function of the component Scanning Engine. Such manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2023-42520. The attack can be launched remotely. No exploit exists.
vuldb.com

Managed ad