Security News

New Ghost Tap attack abuses NFC mobile payments to steal money
2024-11-20 16:44

Cybercriminals have devised a novel method to cash out from stolen credit card details linked to mobile payment systems such as Apple Pay and Google Pay, dubbed 'Ghost Tap,' which relays NFC card...

Five backup lessons learned from the UnitedHealth ransomware attack
2024-11-20 06:00

The ransomware attack on UnitedHealth earlier this year is quickly becoming the healthcare industry’s version of Colonial Pipeline, prompting congressional testimony, lawmaker scrutiny and...

Apple fixes two zero-days used in attacks on Intel-based Macs
2024-11-19 21:52

Apple released emergency security updates to fix two zero-day vulnerabilities that were exploited in attacks on Intel-based Mac systems. [...]

CISA tags Progress Kemp LoadMaster flaw as exploited in attacks
2024-11-19 21:18

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting...

Oracle warns of Agile PLM file disclosure flaw exploited in attacks
2024-11-19 19:56

Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. [...]

New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems
2024-11-19 09:40

Cybersecurity researchers have shed light on a Linux variant of a relatively new ransomware strain called Helldown, suggesting that the threat actors are broadening their attack focus. "Helldown...

Palo Alto Networks patches two firewall zero-days used in attacks
2024-11-18 20:50

Palo Alto Networks has finally released security updates for an actively exploited zero-day vulnerability in its Next-Generation Firewalls (NGFW). [...]

T-Mobile US 'monitoring' China's 'industry-wide attack' amid fresh security breach fears
2024-11-18 20:43

Un-carrier said to be among those hit by Salt Typhoon, including AT&T, Verizon T-Mobile US said it is "monitoring" an "industry-wide" cyber-espionage campaign against American networks – amid...

Critical RCE bug in VMware vCenter Server now exploited in attacks
2024-11-18 18:54

​Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. [...]

Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations
2024-11-15 17:57

Cybersecurity researchers have shed light on a new remote access trojan and information stealer used by Iranian state-sponsored actors to conduct reconnaissance of compromised endpoints and...