Please turn on your JavaScript for this page to function normally.
Foundation Software
Hackers breaching construction firms via specialized accounting software

Firms in the construction industry are getting breached by hackers via internet-exposed servers running Foundation accounting software, Huntress researchers are warning. …

Op Kraken arrest
Ghost: Criminal communication platform compromised, dismantled by international law enforcement

Another encrypted communication platform used by criminals has been dismantled and its alleged mastermind arrested, the Australian Federal Police has announced on Tuesday. …

vmware
Critical VMware vCenter Server bugs fixed (CVE-2024-38812)

Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to …

Apple security
Apple releases iOS 18, with security and privacy improvements

Apple has launched iOS 18, the latest significant iteration of the operating system powering its iPhones. Along with many new features and welcome customization options, iOS …

Ivanti
PoC exploit for exploited Ivanti Cloud Services Appliance flaw released (CVE-2024-8190)

CVE-2024-8190, an OS command injection vulnerability in Ivanti Cloud Services Appliance (CSA) v4.6, is under active exploitation. Details about the attacks are still unknown, …

laptop
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering web pages on Windows – “was …

Transport for London
Suspect arrested over the Transport for London cyberattack

The UK National Crime Agency has arrested and detained a suspect – a 17-year-old male in Walsall (West Midlands) – on suspicion of Computer Misuse Act offences in …

Adobe Reader
Adobe completes fix for Reader bug with known PoC exploit (CVE-2024-41869)

Among the security updates released by Adobe on Tuesday are those for various versions of Adobe Acrobat and Reader, which fix two critical flaws that could lead to arbitrary …

hand
Losses due to cryptocurrency and BEC scams are soaring

Every type of fraud is on the rise, and 2023 was a particularly devastating year for victims of cryptocurrency and business email compromise (BEC) scams, according to the FBI. …

Ivanti
Ivanti fixes critical vulnerabilities in Endpoint Management (CVE-2024-29847)

Ivanti has fixed a slew of vulnerabilities affecting its Endpoint Manager solution, including a maximum severity one (CVE-2024-29847) that may allow unauthenticated attackers …

Patch Tuesday
Microsoft fixes 4 exploited zero-days and a code defect that nixed earlier security fixes

September 2024 Patch Tuesday is here and Microsoft has delivered 79 fixes, including those for a handful of zero-days (CVE-2024-38217, CVE-2024-38226, CVE-2024-38014, …

SonicWall
CISA confirms that SonicWall vulnerability is getting exploited (CVE-2024-40766)

The US Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2024-40766 – a recently fixed improper access control vulnerability affecting …

Don't miss

Cybersecurity news