Please turn on your JavaScript for this page to function normally.
Active Directory
Active Directory compromise: Cybersecurity agencies provide guidance

Active Directory (AD), Microsoft’s on-premises directory service for Windows domain networks, is so widely used for enterprise identity and access management that …

Android
The number of Android memory safety vulnerabilities has tumbled, and here’s why

Google’s decision to write new code into Android’s codebase in Rust, a memory-safe programming language, has resulted in a significant drop in memory safety …

SolarWinds Web Help Desk
PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)

Details about and proof-of-concept (PoC) exploit code for CVE-2024-28987, a recently patched SolarWinds Web Help Desk (WHD) vulnerability that could be exploited by …

Ivanti
Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)

CVE-2024-7593, a critical authentication bypass vulnerability affecting Ivanti Virtual Traffic Manager (vTM) appliances, is actively exploited by attackers. The confirmation …

truck
Transportation, logistics companies targeted with lures impersonating fleet management software

Financially motivated threat actors are targeting North American companies in the transportation and logistics sector with tailored lures, info-stealing malware, and a clever …

Kaspersky
US-based Kaspersky users startled by unexpected UltraAV installation

A poorly executed “handover” of US-based Kaspersky customers has led some users to panic when software named UltraAV popped up on their computers without any …

Telegram
Telegram will share IP addresses, phone numbers of criminal suspects with cops

Telegram will start handing over the IP addresses and phone numbers of users who violate their Terms of Service “to relevant authorities in response to valid legal …

Windows Server
Windows Server 2025 gets hotpatching option, without reboots

Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available will be able to implement some security updates by hotpatching running processes. …

arrows
Organizations are changing cybersecurity providers in wake of Crowdstrike outage

More often than not, a cyber attack or a cyber incident that results in business disruption will spur organizations to make changes to improve their cybersecurity and cyber …

Verify you are human
Windows users targeted with fake human verification pages delivering malware

For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed …

One Identity
Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)

Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged …

FBI
FBI forced Flax Typhoon to abandon its botnet

A botnet operated by the Chinese state-sponsored threat actor known as Flax Typhoon has been disrupted by the law enforcement agency and abandoned by the group, FBI Director …

Don't miss

Cybersecurity news