Security News

Hackers use PHP exploit to backdoor Windows systems with new malware
2024-08-20 17:49

Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution...

August Windows security update breaks dual boot on Linux systems
2024-08-20 16:28

According to user reports following this month's Patch Tuesday, the August 2024 Windows security updates are breaking dual boot on some Linux systems with Secure Boot enabled. [...]

August Windows updates break dual boot on some Linux systems
2024-08-20 16:28

According to user reports following this month's Patch Tuesday, the August 2024 Windows updates are breaking dual boot on some Linux systems with Secure Boot enabled. [...]

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems
2024-08-16 08:28

Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground...

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now
2024-08-14 20:51

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems with IPv6...

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled
2024-08-14 20:51

Microsoft warned customers this Tuesday to patch a critical TCP/IP remote code execution (RCE) vulnerability with an increased likelihood of exploitation that impacts all Windows systems with IPv6...

AutoCanada discloses cyberattack impacting internal IT systems
2024-08-14 16:36

Hackers targeted AutoCanada in a cyberattack last Sunday that impacted the automobile dealership group's internal IT systems, which may lead to disruptions. [...]

Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems
2024-08-12 10:30

Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts. "If exploited, these vulnerabilities could allow an attacker to control inverter settings that could take parts of the grid down, potentially causing blackouts," Bitdefender researchers said in an analysis published last week.

Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities
2024-08-08 10:05

Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the Windows files with older versions. The second vulnerability also concerns a case of privilege escalation in Windows systems that support VBS, effectively allowing an adversary to replace current versions of Windows system files with outdated versions.

Windows Update downgrade attack "unpatches" fully-updated systems
2024-08-07 20:24

SafeBreach security researcher Alon Leviev discovered a Windows Update downgrade attack that can "unpatch" fully-updated Windows 10, Windows 11, and Windows Server systems to reintroduce old...