by Syndicated News Feed | Mar 13, 2025 | IT Security
A new ransomware operator named ‘Mora_001’ is exploiting two Fortinet vulnerabilities to gain unauthorized access to firewall appliances and deploy a custom ransomware strain dubbed SuperBlack. The two vulnerabilities, both authentication bypasses, are...
by Syndicated News Feed | Mar 13, 2025 | IT Security
Google has told The Register it’s beginning to roll out a fix for Chromecast devices that were crippled by an expired security certificate authority. We’re assured this deployment will take place over the next few days. On Sunday, March 9, users of the...
by Syndicated News Feed | Mar 13, 2025 | IT Security
An ongoing phishing campaign disguised as a Booking.com email casts keystroke and credential-stealing malware into hospitality employees’ inboxes for financial fraud and theft, according to Microsoft Threat Intelligence. Redmond says the email attacks began in...
by Syndicated News Feed | Mar 13, 2025 | IT Security
Uncle Sam’s cybersecurity agency is trying to save face by seeking to clear up what it’s calling “inaccurate reporting” after a former senior pen-tester claimed the organization axed two red teams. CISA has assured us it has not terminated the...
by Syndicated News Feed | Mar 12, 2025 | IT Security
Facebook is warning that a FreeType vulnerability in all versions up to 2.13 can lead to arbitrary code execution, with reports that the flaw has been exploited in attacks. FreeType is a popular open-source font rendering library used to display text and...
by Syndicated News Feed | Mar 12, 2025 | IT Security
Chinese spies have for months exploited old Juniper Networks routers, infecting the buggy gear with custom backdoors and gaining root access to the compromised devices. According to a Tuesday report from Google Threat Intelligence and a Juniper Networks security...
by Syndicated News Feed | Mar 12, 2025 | IT Security
Microsoft says that some USB printers will start printing random text after installing Windows updates released since late January 2025. The known issue affects Windows 10 (version 22H2) and Windows 11 (versions 22H2 and 23H2), but according to an update to the...
by Syndicated News Feed | Mar 11, 2025 | IT Security
A penetration tester who worked at the US govt’s CISA claims his 100-strong team was dismissed after Elon Musk’s Trump-blessed DOGE unit cancelled a contract – and that more staff at the cybersecurity agency have also been let go. “On Friday, February 28,...
by Syndicated News Feed | Mar 11, 2025 | IT Security
Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus. The packages, which have been downloaded 330 times, are designed to steal account credentials, deploy backdoors on compromised...
by Syndicated News Feed | Mar 11, 2025 | IT Security
Exclusive More than 86,000 records containing nurses’ medical records, facial images, ID documents and more sensitive info linked to health tech company ESHYFT was left sitting in a wide-open S3 bucket for months — or possibly even longer — before it was closed...
