Security
Headlines
HeadlinesLatestCVEs

Tag

#microsoft

Summertime Blues: TA558 Ramps Up Attacks on Hospitality, Travel Sectors

The cybercriminal crew has used 15 malware families to target travel and hospitality companies globally, constantly changing tactics over the course of its four-year history.

DARKReading
Open in Source
#web#mac#windows#microsoft#ssh
Google Patches Chrome’s Fifth Zero-Day of the Year

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.

Bad rhythm: Janet Jackson song resonates poorly with some old hard drives

Categories: Business Tags: Janet Jackson Tags: music Tags: rhythm nation Tags: song Tags: video Tags: resonant frequency Tags: hard drive We take a look at news of the Janet Jackson smash Rhythm Nation causing bizarre issues for certain older hard drive models. (Read more...) The post Bad rhythm: Janet Jackson song resonates poorly with some old hard drives appeared first on Malwarebytes Labs.

Hackers Using Bumblebee Loader to Compromise Active Directory Services

The malware loader known as Bumblebee is being increasingly co-opted by threat actors associated with BazarLoader, TrickBot, and IcedID in their campaigns to breach target networks for post-exploitation activities. "Bumblebee operators conduct intensive reconnaissance activities and redirect the output of executed commands to files for exfiltration," Cybereason researchers Meroujan Antonyan and

Google Cloud Adds Curated Detection to Chronicle

The curated detection feature for Chronicle SecOps Suite provides security teams with actionable insights on cloud threats and Windows-based attacks from Google Cloud Threat Intelligence Team.

35 malicious apps found on Google Play Store, installed by 2m users

By Waqas Another day, another set of nasty applications on the official Google Play Store. The growing efforts of cyber-criminals… This is a post from HackRead.com Read the original post: 35 malicious apps found on Google Play Store, installed by 2m users

'DarkTortilla' Malware Wraps in Sophistication for High-Volume RAT Infections

The stealthy crypter, active since 2015, has been used to deliver a wide range of information stealers and RATs at a rapid, widespread clip.

'Operation Sugarush' Mounts Concerning Spy Effort on Shipping, Healthcare Industries

A suspected Iranian threat actor known as UNC3890 is gathering intel that could be used for kinetic strikes against global shipping targets.

China-Backed RedAlpha APT Builds Sprawling Cyber-Espionage Infrastructure

The state-sponsored group particularly targets organizations working on behalf of the Uyghurs, Tibet, and Taiwan, looking to gather intel that could lead to human-rights abuses, researchers say.

CVE-2022-2856: Chromium: CVE-2022-2856 Insufficient validation of untrusted input in Intents

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**