Security News > 2024 > March

The Kremlin's cyberspies targeted German political parties in a phishing campaign that used emails disguised as dinner party invitations, according to Mandiant. Russia's Cozy Bear, also known as APT29 and Midnight Blizzard, engineered the messages to infect marks' Windows PCs with a backdoor first observed in January and dubbed WINELOADER. These were intended to provide long-term access to the political parties' networks and data, the Google-backed security biz asserted on Friday.

The WINELOADER backdoor used in recent cyber attacks targeting diplomatic entities with wine-tasting phishing lures has been attributed as the handiwork of a hacking group with links to Russia's...

Microsoft has released emergency out-of-band updates to fix a known issue causing Windows domain controllers to crash after installing the March 2024 Windows Server security updates. If you installed previous Windows Server updates, only the new updates in these packages will be downloaded and installed.

Crew may well be working under contract for Beijing Chinese spies exploited a couple of critical-severity bugs in F5 and ConnectWise equipment earlier this year to sell access to compromised US...

A new species of squid was discovered, along with about a hundred other species. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.

Researchers are warning that a notorious hacking group linked to Russia's Foreign Intelligence Service is targeting political parties in Germany for the first time, shifting their focus away from the typical targeting of diplomatic missions. APT29 is a Russian espionage hacking group believed to be part of the Russian Foreign Intelligence Service.

Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition. Mozilla fixed the security flaws in Firefox 124.0.1 and Firefox ESR 115.9.1 to block potential remote code execution attacks targeting unpatched web browsers on desktop devices.

Around 3 million doors protected by popular keycard locks are thought to be vulnerable to security flaws that allow miscreants to quickly slip into locked rooms. Security researchers developed an exploit that applies to various Saflok keycard locks made by Swiss security company dormakaba, ones that are prevalent in hotels around the world, as well as properties of multiple occupancy.

Okta is one of the most well-known companies in the IAM space, but up-and-coming competitor JumpCloud has recently challenged Okta's dominance. This review compares the essential features of JumpCloud and Okta to help you choose the right IAM software for your business.

The German police have seized infrastructure for the darknet Nemesis Market cybercrime marketplace in Germany and Lithuania, disrupting the site's operation. The Nemesis Market was launched in 2021 as a new marketplace to purchase illegal drugs and narcotics, stolen data and credit cards, and various cybercrime services related to ransomware, phishing, and distributed denial of service attacks.