Security News
HackTheBox announces Academy for Business, a new interactive skill development course for corporate IT and security teams. Businesses can train and upskill their staff using practical and theoretical material from the Academy for Business, preparing employees for the challenges of modern cybersecurity threats.
Schou set up a Wi-Fi access point with a network name of %p%s%s%s%s%n, and then deliberately connected his iPhone to it in order to check for what are known as format string vulnerabilities. The name format string vulnerability comes from a standard, widely-used system function, found in almost every operating system, known as printf(), shorthand for format and print data.
Microsoft removed a registry hack in the latest preview build that allowed Windows 11 users to revert to the "Classic" Windows 10 Start Menu. When the Windows 11 preview build was leaked in June, one of the most significant and most controversial changes was a new floating Start Menu centered in the middle of the Taskbar.
Microsoft removed a registry hack in the latest preview build that allowed Windows 11 users to revert to the "Classic" Windows 10 Start Menu. When the Windows 11 preview build was leaked in June, one of the most significant and most controversial changes was a new floating Start Menu centered in the middle of the Taskbar.
A US software firm hit by a ransomware attack that crippled companies worldwide put off restarting its servers until Sunday to harden defenses against further breaches. Kaseya has the vulnerabilities exploited in the attack blocked, but opted to take more time to put in place additional layers of protection, he explained.
Investment banking firm Morgan Stanley has informed the New Hampshire Attorney General that personal information of some customers was compromised through a third-party vendor that was using the Accellion FTA service. In a letter submitted last week to the New Hampshire Attorney General's office, Morgan Stanley said Guidehouse informed them in May 2021 that some threat actors had exploited Accellion FTA to access Morgan Stanley documents that included personal information of StockPlan Connect participants.
Investment banking firm Morgan Stanley has reported a data breach after attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of a third-party vendor. Guidehouse, a third-party vendor that provides account maintenance services to Morgan Stanley's StockPlan Connect business, notified the investment banking company in May 2021 that attackers hacked its Accellion FTA server to steal information belonging to Morgan Stanley stock plan participants.
Researchers have successfully reproduced the exploit used in the recent cyberattack targeting IT management software maker Kaseya and its customers. Kaseya on July 2 urged customers to immediately shut down on-premises servers running its VSA endpoint management and network monitoring tool due to a cyberattack.
Many owners of My Book Live and My Book Live Duo network-attached storage devices made by Western Digital reported having their files wiped, and it seems that it's the result of an attack exploiting an old vulnerability. Victims said a factory reset had been initiated on their device, which resulted in all files being erased.
The Water Sector Coordinating Council last week announced a new cybersecurity report focusing on water and wastewater utilities in the United States. The release of the report coincided with news that a threat actor in January attempted to poison the water at a facility in the U.S. The Water Sector Coordinating Council describes itself as "a policy, strategy and coordination mechanism for the Water and Wastewater Sector in interactions with the government and other sectors on critical infrastructure security and resilience issues."