Security
Headlines
HeadlinesLatestCVEs

Tag

#cisco

The Dark Nexus Between Harm Groups and ‘The Com’

A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that exist solely to bully, stalk, harass and extort vulnerable teens into physically harming themselves and others.

Krebs on Security
Open in Source
#web#microsoft#cisco#intel#pdf#acer#samsung#auth#blog
Socially Savvy Scattered Spider Traps Cloud Admins in Web

The dangerous ransomware group is targeting financial and insurance sectors using smishing and vishing against IT service desk administrators, cybersecurity teams, and other employees with top-level privileges.

Chinese DragonRank Hackers Exploit Global Windows Servers in SEO Fraud

DragonRank, a Chinese-speaking hacking group, has compromised 30+ Windows servers globally. They exploit IIS vulnerabilities to manipulate SEO…

Vulnerability in Acrobat Reader could lead to remote code execution; Microsoft patches information disclosure issue in Windows API

CVE-2024-38257 is considered “less likely” to be exploited, though it does not require any user interaction or user privileges.

DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe

A "simplified Chinese-speaking actor" has been linked to a new campaign that has targeted multiple countries in Asia and Europe with the end goal of performing search engine optimization (SEO) rank manipulation. The black hat SEO cluster has been codenamed DragonRank by Cisco Talos, with victimology footprint scattered across Thailand, India, Korea, Belgium, the Netherlands, and China. "

'Ancient' MSFT Word Bug Anchors Taiwanese Drone-Maker Attacks

An attack dubbed "WordDrone" that uses an old flaw to install a backdoor could be related to previously reported cyber incidents against Taiwan's military and satellite industrial supply chain.

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important, and one is rated Moderate in severity. This is aside from 26 flaws that the tech

Four zero-days included in group of 79 vulnerabilities Microsoft discloses, including one with 9.8 severity score

September’s monthly round of patches from Microsoft included 79 vulnerabilities, seven of which are considered critical.