Researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows hackers to use the platform’s System Manager (SSM) agent as an undetectable...
A threat actor dubbed Luna Moth has been leveraging social engineering and legitimate software to steal sensitive data and extort money from small and medium-size businesses. The group...
A vulnerability in popular remote access service/platform ConnectWise Control could have been leveraged by scammers to make compromising targets’ computers easier, Guardio researchers have discovered. By...
VMware has released security updates to address three critical severity vulnerabilities in the Workspace ONE Assist solution that enable remote attackers to bypass authentication and elevate...
Researchers have discovered at least 9,000 exposed VNC (virtual network computing) endpoints that can be accessed and used without authentication, allowing threat actors easy access to...
Researchers have found over 20,000 instances of publicly exposed data center infrastructure management (DCIM) software that monitor devices, HVAC control systems, and power distribution units, which...
The Cybereason Nocturnus and Incident Response Teams recently responded to Operation GhostShell, a highly targeted cyber espionage campaign that attacks aerospace and telecommunications industries in the Middle...
Unpatched Dahua cameras are prone to two authentication bypass vulnerabilities, and a proof of concept exploit that came out today makes the case of upgrading pressing. ...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released guidance for hardening the security of virtual private network (VPN)...
The author of a popular software-defined radio (SDR) project has removed a “backdoor” from radio devices that granted root-level access. The backdoor had been, according to the author,...
Recent Comments