Security News

Week in review: PoC for Windows Print Spooler flaw leaked, conquering synthetic identity fraud
2021-07-04 08:00

PoC for critical Windows Print Spooler flaw leakedMicrosoft has confirmed that the so-called PrintNightmare vulnerability is not the same flaw as the previously patched CVE-2021-1675, and that the leaked PoC exploits can be used to exploit this RCE zero-day. Cisco security devices targeted with CVE-2020-3580 PoC exploitAttackers and bug hunters are leveraging an exploit for CVE-2020-3580 to compromise vulnerable security devices running Cisco ASA or FTD software.

Leaked Babuk Locker ransomware builder used in new attacks
2021-06-30 23:01

A leaked tool used by the Babuk Locker operation to create custom ransomware executables is now being used by another threat actor in a very active campaign targeting victims worldwide. Babuk Locker was a ransomware operation that launched at the beginning of 2021 when it began targeting corporate victims and stealing their data in double-extortion attacks.

Leaked print spooler exploit lets Windows users remotely execute code as system on your domain controller
2021-06-30 15:19

An infosec firm accidentally published a proof-of-concept exploit for a critical Windows print spooler vulnerability that can be abused by rogue users to compromise Active Directory domain controllers. This security hole could be exploited by a normal user to execute code as an administrator on a system running the print spooler service.

PoC for critical Windows Print Spooler flaw leaked (CVE-2021-1675)
2021-06-30 12:46

CVE-2021-1675, a Windows Print Spooler vulnerability that Microsoft patched in June 2021, presents a much greater danger than initially thought: researchers have proved that it can be exploited to achieve remote code execution and - what's worse - PoC exploits have since been leaked. The Windows Print Spooler is an application / interface / service that interacts with local or networked printers and manages the printing process.

Leaked Windows 11 screenshots show new File Explorer, Settings app
2021-06-28 14:28

Leaked screenshots of an internal Microsoft build of Windows 11 have given us a glimpse of the upcoming changes coming to File Explorer and the Settings app. The screenshots of the new features were leaked this morning on Twitter, allowing us to see some of the latest Windows 11 features not present in the early preview build leaked earlier this month.

Tulsa’s Police-Citation Data Leaked by Conti Gang
2021-06-24 13:14

The city of Tulsa, OK is asking some of its residents to keep a close eye on their personal and financial accounts after the Conti ransomware group leaked some 18,000 city files, mostly police citations, on the dark web. The websites for the city, the Tulsa City Council, the city's police force and Tulsa 311 also were affected in the attack.

Windows 11 Leaked - What we know so far about Microsoft's new OS
2021-06-15 17:59

An alleged preview build for Windows 11 has been leaked, confirming the new name for Microsoft's next generation of Windows and providing a glimpse of the new features. At first glance, Windows 11 looks a lot like Windows 10 with a design overhaul that includes colorful icons, rounded corners, and new animations.

Billions of passwords leaked online from past data breaches
2021-06-09 14:09

A list of leaked passwords discovered on a hacker forum may be one of the largest such collections of all time. A 100GB text file leaked by a user on a popular hacker forum contains 8.4 billion passwords, likely gathered from past data breaches, tech news site CyberNews said on Monday.

UK Special Forces soldiers' personal data was floating around WhatsApp in a leaked Army spreadsheet
2021-06-02 14:28

An astonishing data security blunder saw the personal data of Special Forces soldiers circulating around WhatsApp in a leaked British Army spreadsheet. The document, seen by The Register, contained details of all 1,182 British soldiers recently promoted from corporal to sergeant - including those in sensitive units such as the Special Air Service, Special Boat Service and the Special Reconnaissance Regiment.

India's National Carrier Says Hack Leaked Passengers' Data
2021-05-23 12:08

Personal data of an unspecified number of travelers has been compromised after a company that serves India's national carrier was hacked, Air India said. The hackers were able to access 10 years' worth of data including names, passport and credit card details from the Atlanta-based SITA Passenger Service System, Air India said in a statement Friday.