Aggregator

Head Mare Group Intensifies Attacks on Russia with PhantomCore RAT

Chinese hackers use Visual Studio Code tunnels for remote access

Microsoft 365 outage takes down Office web apps, admin center

On December 2024 Patch Tuesday, Microsoft resolved 71 vulnerabilities in a variety of its products, including a zero-day (CVE-2024-49138) that’s been exploited by attackers in the wild to execute code with higher privileges. CVE-2024-49138 exploited by attackers CVE-2024-49138 stems from a heap-based buffer overflow vulnerability in the Windows Common Log File System (CLFS) Driver and can be exploited by attackers to elevate their privileges on the target host to SYSTEM, according to Microsoft. The attack … More →

The post Microsoft fixes exploited zero-day (CVE-2024-49138) appeared first on Help Net Security.

高血糖对大脑有负面影响

The Department of the Treasury is sanctioning Chinese cybersecurity company Sichuan Silence, and one of its employees, Guan Tianfeng, for their roles in the April 2020 compromise of tens of thousands of firewalls worldwide. Many of the victims were U.S. critical infrastructure companies. The Department of Justice unsealed an indictment on Guan for the same activity. The U.S. Department of State also announced a Rewards for Justice reward offer of up to $10 million for … More →

The post US sanctions Chinese cybersecurity company for firewall compromise, ransomware attacks appeared first on Help Net Security.

Hunting The Secret Service’s $10M Joker: Timur Kamilevich Shakhmametov

Security Risks in TP-Link Archer Router Could Lead to Unauthorized Access

SpartanWarrioz, whose prolific phishing kit business took a hit when the group's Telegram channel was shut down in November, is rebounding quickly, creating a new channel and courting former subscribers as it rebuilds its operations, Forta researchers say.

The post Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down appeared first on Security Boulevard.

Full-Face Masks to Frustrate Identification

TikTok ban in US: Company seeks emergency injunction to prevent it

In today’s digital classroom, connectivity is key—but it comes with challenges. As technology becomes an integral part of teaching and learning, K-12 schools face the responsibility of supporting classroom technology while safeguarding sensitive student and staff data. The shift to cloud-based tools like Google Workspace and Microsoft 365 has opened up new possibilities for collaboration, ...

The post Discover the Benefits of Cloud Monitor’s Advanced Cloud Security appeared first on ManagedMethods Cybersecurity, Safety & Compliance for K-12.

The post Discover the Benefits of Cloud Monitor’s Advanced Cloud Security appeared first on Security Boulevard.

Retracing the Congolese March Where Dido Kakisingi was Killed

A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. [...]

Startup Aims to Secure AI Agents, Expand Global Reach, Do User Access Management
Astrix raises $45 million to advance AI agent security and expand its global presence. The company plans to double its workforce, focusing on anomaly detection and fingerprinting techniques for non-human identities along the correlating information about human and non-human identities.

Copilot Enhancements and Other Key Announcements From Microsoft Ignite 2024
Advanced AI took the center stage at Microsoft Ignite 2024. Reflecting on AI as the "most transformative technology of our time," CEO Satya Nadella set the tone for Microsoft's future where every facet of technology is integrated with AI in all key aspects - productivity, collaboration and security.

Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG Firewall
The U.S. federal government rolled out its heavy guns Tuesday against a Chinese hacker allegedly at the center of a zero-day exploit used to hack firewalls made by Sophos, unsealing an indictment, rolling out sanctions and offering $10 million for information leading to the suspect's arrest.

Authors/Presenters: Rob Joyce, The Dark Tangent

Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.

Permalink

The post DEF CON 32 – Changing Global Threat Landscape appeared first on Security Boulevard.

The Future of Network Security: Automated Internal and External Pentesting

A vulnerability was found in TP-LINK TL-WR845N(UN) 4_190219. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Base64 Encoded Form Handler. The manipulation leads to channel accessible by non-endpoint. This vulnerability is handled as CVE-2024-46341. The attack may be launched remotely. There is no exploit available.