Security News

Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates. According to a new entry added to the Windows health dashboard on Tuesday, this known issue will only affect Windows domain controllers in organizations with a lot of NTLM traffic and few primary DCs. The list of impacted Windows versions and buggy security updates includes Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2, and Windows Server 2008.

Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2)...

Researchers have sinkholed a command and control server for a variant of the PlugX malware and observed in six months more than 2.5 million connections from unique IP addresses. Since September 2023, when Sekoia captured the unique IP address associated with the particular C2, it has logged over 2,495,297 unique IPs from 170 countries interacting with its sinkhole.

Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection vulnerability previously exploited as a zero-day. Shodan also currently tracks 5,232 Internet-exposed CrushFTP servers, although it doesn't provide any information on how many of them might be vulnerable to attacks.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

Threats from malware, cryptographic infections and compromised networks have never been greater. Companies can't protect their technological infrastructure without a solid grasp of the actual equipment in play.

Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. "Since...

Microsoft says the new Copilot app, mistakenly added to the list of installed Windows apps by recent Edge updates, doesn't collect or relay data to its servers. For this reason, they were surprised to see a new 8KB Microsoft Copilot app added to the list of installed programs on live production builds of Windows Server 2022.

The U.S. Department of Justice has announced the arrest and indictment of Charles O. Parks III, known as "CP3O," for allegedly renting large numbers of cloud servers to conduct crypto mining and then skipping out on paying the bills. The DOJ explains that the defendant created a unique scheme that utilized $3.5 million worth of cloud computing resources to mine $970,000 worth of cryptocurrency at the expense of two cloud service providers.

A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal....