Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

New Ransomware Gang RA Group Hits U.S. and South Korean Organizations

A new ransomware group known as RA Group has become the latest threat actor to leverage the leaked Babuk ransomware source code to spawn its own locker variant. The cybercriminal gang, which is said to have been operating since at least April 22, 2023, is rapidly expanding its operations, according to cybersecurity firm Cisco Talos. "To date, the group has compromised three organizations in the

The Hacker News
Open in Source
#web#mac#windows#linux#cisco#vmware#The Hacker News
CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware

Poorly managed Microsoft SQL (MS SQL) servers are the target of a new campaign that's designed to propagate a category of malware called CLR SqlShell that ultimately facilitates the deployment of cryptocurrency miners and ransomware. "Similar to web shell, which can be installed on web servers, SqlShell is a malware strain that supports various features after being installed on an MS SQL server,

CVE-2023-32784: KeePass / Discussion / Open Discussion: Security

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file (pagefile.sys), hibernation file (hiberfil.sys), or RAM dump of the entire system. The first character cannot be recovered. In 2.54, there is different API usage and/or random string insertion for mitigation.

Threat Roundup for May 5 to May 12

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 5 and May 12. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

Making Sure Lost Data Stays Lost

Retired hardware and forgotten cloud virtual machines are a trove of insecure confidential data. Here's how to ameliorate that weakness.

CVE-2023-30768: INTEL-SA-00056

Improper access control in the Intel(R) Server Board S2600WTT belonging to the Intel(R) Server Board S2600WT Family with the BIOS version 0016 may allow a privileged user to potentially enable escalation of privilege via local access.

AI Is About to Be Everywhere: Where Will Regulators Be?

Regulators should apply a healthy skepticism to generative AI developments to guarantee a competitive marketplace.

CVE-2023-29983: CompanyMaps 8.0 Cross Site Scripting ≈ Packet Storm

Cross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel.

Severe Security Flaw Exposes Over a Million WordPress Sites to Hijack

A security vulnerability has been disclosed in the popular WordPress plugin Essential Addons for Elementor that could be potentially exploited to achieve elevated privileges on affected sites. The issue, tracked as CVE-2023-32243, has been addressed by the plugin maintainers in version 5.7.2 that was shipped on May 11, 2023. Essential Addons for Elementor has over one million active

CVE-2023-29808: Companymaps 8.0 Cross Site Scripting ≈ Packet Storm

Cross Site Scripting (XSS) vulnerability in vogtmh cmaps (companymaps) 8.0 allows attackers to execute arbitrary code.