Please turn on your JavaScript for this page to function normally.
Norway
Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)

A zero-day vulnerability (CVE-2023-35078) affecting Ivanti Endpoint Manager Mobile (EPMM) has been exploited to carry out an attack that affected 12 Norwegian ministries, the …

extortion
Has the MOVEit hack paid off for Cl0p?

The number of known Cl0p victims resulting from its Memorial Day attack on vulnerable internet-facing MOVEit Transfer installations has surpassed 420, according to IT market …

Microsoft
Thanks Storm-0558! Microsoft to expand default access to cloud logs

Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, …

VirusTotal
VirusTotal leaked data of 5,600 registered users

VirusTotal has suffered a data leak that exposed the names and email addresses of 5,600 of its registered users. The leaked data reportedly includes information about …

Microsoft Teams
Malware delivery to Microsoft Teams users made easy

A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the …

backup
PoC for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)

An authentication bypass vulnerability (CVE-2023-26258) in the Arcserve Unified Data Protection (UDP) enterprise data protection solution can be exploited to compromise admin …

Microsoft Teams
Microsoft Teams vulnerability allows attackers to deliver malware to employees

Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use …

VMware
VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)

CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being …

vmware
VMware fixes critical flaws in Aria Operations for Networks (CVE-2023-20887)

VMware has fixed two critical (CVE-2023-20887, CVE-2023-20888) and one important vulnerability (CVE-2023-20889) in Aria Operations for Networks (formerly vRealize Network …

Switzerland
Switzerland under cyberattack

Swiss government websites are under DDoS attacks, but several ransomware gangs have also turned their sights on Swiss government organizations, cantonal governments, cities …

BEC scams
The multiplying impact of BEC attacks

The 2023 Verizon Data Breach Investigations Report (DBIR) has confirmed what FBI’s Internet Crime Complaint Center has pointed out earlier this year: BEC scammers are …

Progress MOVEit
MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims

The fallout of the MOVEit Transfer hack via CVE-2023-34362 by the Cl0p gang is expanding, as several UK-based companies have now confirmed that some of their data has been …

Don't miss

Cybersecurity news