Recently-disrupted LockBit ransomware group, in a desperate attempt to make a comeback, claimed this week that it had hit the Federal Reserve, the central bank of the United States. Except, the rumor has been quashed.
LibreOfficeKit can be used for accessing LibreOffice functionality through C/C++. Typically this is used by third party components to reuse LibreOffice as a library to convert, view or otherwise interact with documents.
LibreOffice internally makes use of "curl" to fetch remote resources such as images hosted on webservers.
The company “identified a security incident that involved bad actors targeting a limited number of HubSpot customers and attempting to gain unauthorized access to their accounts” on June 22.
Indonesian President Joko Widodo ordered on Friday an audit of government data centres after officials said the bulk of data affected by a recent ransomware cyberattack was not backed up, exposing the country's vulnerability to such attacks.
Last week's cyberattack, the worst in Indonesia in recent years, has disrupted multiple government services including immigration and operations at major airports.
A critical vulnerability is affecting certain versions of GitLab Community and Enterprise Edition products, which could be exploited to run pipelines as any user.
Korean telecom company KT Corporation sent malware to its subscribers who use Webhard's Grid Service peer-to-peer sharing program to hide their files and stop them from using the service.
Critical security flaw in Fortra FileCatalyst Workflow allows database tampering. Patch available.
P2Pinfect is a rust-based malware covered extensively by Cado Security in the past. Cado Security researchers first discovered it during triage of honeypot telemetry in July of 2023.
Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads.
The company updated an advisory about a bug affecting the MOVEit tool, warning a “newly identified vulnerability in a third-party component" had elevated the risks.
Progress un-embargoed an authentication bypass vulnerability in Progress MOVEit Transfer.
Many sysadmins may remember last year’s CVE-2023-34362, a cataclysmic vulnerability in Progress MOVEit Transfer that sent ripples through the industry, claiming such high-profile victims as the BBC and FBI. Sensitive data was leaked, and sensitive data was destroyed, as the cl0p ransomware gang leveraged 0days to steal data - and ultimately leaving a trail of mayhem.
According to the Department of Justice, 22-year-old Amin Stigal helped Russian military intelligence carry out cyber operations, including probing computers belonging to a federal government agency in Maryland.
Cyberespionage groups have been using ransomware as a tactic to make attack attribution more challenging, distract defenders, or for a financial reward as a secondary goal to data theft.
Threat actors in the cyberespionage ecosystem are using ransomware for financial gain, disruption, distraction, misattribution, and the removal of evidence.
[German]A Microsoft software developer has accidentally shared internal PlayReady source code with the public (a developer forum). The data leak of 4 GByte is sufficient to compile the required DLL from the source code. This could be a real boon for people who want to reverse engineering or crack PlayReady. What is PlayReady? PlayReady is...
Summary Eclypsium Automata, our automated binary analysis system, has identified a high impact vulnerability (CVE-2024-0762 with a reported CVSS of 7.5) in the Phoenix SecureCore UEFI firmware that runs on multiple families of Intel Core desktop and mobile processors. The issue involves an unsafe variable in the Trusted Platform Module (TPM) configuration that could lead […]
Andrei Sannikov and Evgeny Erlikh discuss the effects of discovering their devices had been infected with Pegasus — making them part of a rapidly expanding list of civil-society figures targeted with the commercial spyware.
CDK Global, the auto dealership software solutions firm that supplies services to an estimated 15,000 dealerships in the U.S. and Canada, said it has begun the
Neiman Marcus is the latest large company affected by a run of attacks on customers of the data cloud storage provider Snowflake.
South Africa’s National Health Laboratory Service (NHLS) was hit by hackers on Saturday, with the dissemination of lab results severely impacted.
