Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Microsoft Can Fix Ransomware Tomorrow

You can't encrypt a file you can't open — Microsoft could dramatically impact ransomware by slowing it down.

DARKReading
Open in Source
#mac#windows#microsoft
Microsoft rubbishes Anonymous Sudan’s claim of Stealing 30M accounts

By Waqas Anonymous Sudan group took to Telegram to claim that it had stolen 30 million accounts belonging to Microsoft customers. This is a post from HackRead.com Read the original post: Microsoft rubbishes Anonymous Sudan’s claim of Stealing 30M accounts

Malicious ad for USPS fishes for banking credentials

Categories: Threat Intelligence Tags: malvertising Tags: google Tags: usps Tags: phishing Next time you need to track a package, be aware that malicious ads could be leading you to sites that steal your banking information. (Read more...) The post Malicious ad for USPS fishes for banking credentials appeared first on Malwarebytes Labs.

Node.js Users Beware: Manifest Confusion Attack Opens Door to Malware

The npm registry for the Node.js JavaScript runtime environment is susceptible to what's called a manifest confusion attack that could potentially allow threat actors to conceal malware in project dependencies or perform arbitrary script execution during installation. "A npm package's manifest is published independently from its tarball," Darcy Clarke, a former GitHub and npm engineering manager

Authors Sue OpenAI: ChatGPT’s Training Methods Challenged in Lawsuit

By Habiba Rashid Another day, another lawsuit against the developers of the groundbreaking AI chatbot ChatGPT. This is a post from HackRead.com Read the original post: Authors Sue OpenAI: ChatGPT’s Training Methods Challenged in Lawsuit

DDoSia Attack Tool Evolves with Encryption, Targeting Multiple Sectors

The threat actors behind the DDoSia attack tool have come up with a new version that incorporates a new mechanism to retrieve the list of targets to be bombarded with junk HTTP requests in an attempt to bring them down. The updated variant, written in Golang, "implements an additional security mechanism to conceal the list of targets, which is transmitted from the [command-and-control] to the

New Meduza Malware Targets Wallets, Passwords and Browsers on Windows

By Deeba Ahmed Meduza malware is being fiercely marketed across different Telegram channels, cybercrime and dark web forums. This is a post from HackRead.com Read the original post: New Meduza Malware Targets Wallets, Passwords and Browsers on Windows

CVE-2023-26258: UDP Software | Unified Data Protection for On- and Off-Premises Workloads - Arcserve

Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute any task as administrator.

ChatGPT tricked into generating Windows 10 and Windows 11 keys

By Waqas A Twitter user successfully utilized the "grandma exploit" to trick ChatGPT and acquire multiple Windows 10 codes. This is a post from HackRead.com Read the original post: ChatGPT tricked into generating Windows 10 and Windows 11 keys

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. "Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations," Trend Micro researchers said in an analysis published last week. "In this case, the distribution