FreshRSS

πŸ”’
☐ β˜† βœ‡ The Hacker News

Microsoft Rolls Out Patches for 73 Flaws, Including 2 Windows Zero-Days

By Newsroom β€” February 14th 2024 at 05:01
Microsoft has released patches to address 73 security flaws spanning its software lineup as part of its Patch Tuesday updates for February 2024, including two zero-days that have come under active exploitation. Of the 73 vulnerabilities, 5 are rated Critical, 65 are rated Important, and three and rated Moderate in severity. This is in addition to 24 flaws that have been fixed
☐ β˜† βœ‡ The Hacker News

VexTrio: The Uber of Cybercrime - Brokering Malware for 60+ Affiliates

By Newsroom β€” January 23rd 2024 at 14:33
The threat actors behind ClearFake, SocGholish, and dozens of other e-crime outfits have established partnerships with another entity known as VexTrio as part of a massive "criminal affiliate program," new findings from Infoblox reveal. The latest development demonstrates the "breadth of their activities and depth of their connections within the cybercrime industry," the company said,
☐ β˜† βœ‡ The Hacker News

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

By Newsroom β€” January 18th 2024 at 09:19
Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers. Collectively dubbed PixieFail by Quarkslab, the nine issues reside in the TianoCore EFI Development Kit II (EDK II) and could be exploited to
☐ β˜† βœ‡ The Hacker News

Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies

By Newsroom β€” January 6th 2024 at 08:19
Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a TΓΌrkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the targets was susceptible to supply chain and island-hopping attacks, which the attack group
☐ β˜† βœ‡ The Hacker News

Microsoft's Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical

By Newsroom β€” December 13th 2023 at 05:50
Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years. Of the 33 shortcomings, four are rated Critical and 29 are rated Important in severity. The fixes are in addition to 18 flaws Microsoft addressed in its Chromium-based Edge browser since the release of Patch
☐ β˜† βœ‡ The Hacker News

Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software

By Newsroom β€” December 8th 2023 at 09:52
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to launch attacks on websites, companies and individuals, buy guns, drugs, and other illicit
☐ β˜† βœ‡ The Hacker News

The Risks and Preventions of AI in Business: Safeguarding Against Potential Pitfalls

By The Hacker News β€” July 12th 2023 at 11:04
Artificial intelligence (AI) holds immense potential for optimizing internal processes within businesses. However, it also comes with legitimate concerns regarding unauthorized use, including data loss risks and legal consequences. In this article, we will explore the risks associated with AI implementation and discuss measures to minimize damages. Additionally, we will examine regulatory
☐ β˜† βœ‡ The Hacker News

New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks

By Ravie Lakshmanan β€” May 1st 2023 at 12:31
An analysis of over 70 billion DNS records has led to the discovery of a new sophisticated malware toolkit dubbedΒ Decoy DogΒ targeting enterprise networks. Decoy Dog, as the name implies, is evasive and employs techniques like strategic domain aging and DNS query dribbling, wherein a series of queries are transmitted to the command-and-control (C2) domains so as to not arouse any suspicion. "
☐ β˜† βœ‡ The Hacker News

Keep Your Grinch at Bay: Here's How to Stay Safe Online this Holiday Season

By The Hacker News β€” December 12th 2022 at 11:51
As the holiday season approaches, online shopping and gift-giving are at the top of many people's to-do lists. But before you hit the "buy" button, it's important to remember that this time of year is also the peak season for cybercriminals. In fact, cybercriminals often ramp up their efforts during the holidays, taking advantage of the influx of online shoppers and the general hustle and bustle
☐ β˜† βœ‡ The Hacker News

VPN vs. DNS Security

By The Hacker News β€” November 11th 2022 at 12:30
When you are trying to get another layer of cyber protection that would not require a lot of resources, you are most likely choosing between a VPN service & a DNS Security solution. Let's discuss both.Β  VPN Explained VPN stands for Virtual Private Networks and basically hides your IP and provides an encrypted server by redirecting your traffic via a server run by a VPN host. It establishes a
☐ β˜† βœ‡ The Hacker News

Unified Threat Management: The All-in-One Cybersecurity Solution

By The Hacker News β€” August 16th 2022 at 10:50
UTM (Unified threat management) is thought to be an all-in-one solution for cybersecurity. In general, it is a versatile software or hardware firewall solution integrated with IPS (Intrusion Prevention System) and other security services. A universal gateway allows the user to manage network security with one comprehensive solution, which makes the task much easier. In addition, compared to a
☐ β˜† βœ‡ The Hacker News

Google Adds Support for DNS-over-HTTP/3 in Android to Keep DNS Queries Private

By Ravie Lakshmanan β€” July 20th 2022 at 13:41
Google on Tuesday officially announced support for DNS-over-HTTP/3 (DoH3) for Android devices as part of a Google Play system update designed to keep DNS queries private. To that end, Android smartphones running Android 11 and higher are expected to use DoH3 instead of DNS-over-TLS (DoT), which was incorporated into the mobile operating system with Android 9.0. DoH3 is also an alternative to
❌