#microsoft

A ransomware attack on the city of Dallas, Texas is still disrupting many social services as of Wednesday, including hampering police communications and operations and potentially putting personal information at risk.

Ubuntu Security Notice 6070-1 - It was discovered that the Traffic-Control Index implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the TCINDEX classifier has been removed. It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

A previously undetected advanced persistent threat (APT) actor dubbed Red Stinger has been linked to attacks targeting Eastern Europe since 2020. "Military, transportation, and critical infrastructure were some of the entities being targeted, as well as some involved in the September East Ukraine referendums," Malwarebytes disclosed in a report published today. "Depending on the campaign,

New "Greatness" phishing-as-a-service used in attacks targeting manufacturing, healthcare, technology, and other sectors.

Categories: Business We blocked 100% of malware for the sixth consecutive quarter in a row. (Read more...) The post Malwarebytes achieves perfect score in latest AVLab assessment appeared first on Malwarebytes Labs.

GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from inadvertently leaking keys and other secrets in their code. The Microsoft-owned cloud-based repository hosting platform, which began testing the feature a year ago, said it's also extending push protection to all public repositories at no extra cost. The

Categories: News Tags: Google passkey Tags: passkey Tags: passwordless future Tags: passwordless Tags: phishing Google is offering users the best option to date to securing their accounts from phishing. (Hint: It's not passwords.) (Read more...) The post Google Passkeys: How to create one and when you shouldn't appeared first on Malwarebytes Labs.

By Deeba Ahmed The two groups exploiting the vulnerability are Mango Sandstorm and Mint Sandstorm. Both are linked to the Iranian government and intelligence agencies. This is a post from HackRead.com Read the original post: Microsoft reports two Iranian hacking groups exploiting PaperCut flaw

The n8n package 0.218.0 for Node.js allows Directory Traversal.

Cybersecurity researchers have shared details about a now-patched security flaw in Windows MSHTML platform that could be abused to bypass integrity protections on targeted machines. The vulnerability, tracked as CVE-2023-29324 (CVSS score: 6.5), has been described as a security feature bypass. It was addressed by Microsoft as part of its Patch Tuesday updates for May 2023. Akamai security