Security News

Microsoft has finally confirmed that some Windows Server 2019 and 2022 systems were "unexpectedly" upgraded to Windows Server 2025 on devices if updates were managed using third-party patch...

Allowed access to 150k cameras, some in sensitive spots, but has been done for spamming Physical security biz Verkada has agreed to cough up $2.95 million following an investigation by the US...

Researchers find many similarities, and nasty new customizations such as embedded compromised user credentials The Cicada3301 ransomware, which has claimed at least 20 victims since it was spotted...

Progress Software has fixed a critical vulnerability in its Telerik Report Server solution and is urging users to upgrade as soon as possible. Telerik Report Server is an enterprise solution for storing, creating, managing and viewing reports in web and desktop applications.

The China-linked advanced persistent threat group codenamed APT41 is suspected to be using an "Advanced and upgraded version" of a known malware called StealthVector to deliver a previously undocumented backdoor dubbed MoonWalk. The new variant of StealthVector - which is also referred to as DUSTPAN - has been codenamed DodgeBox by Zscaler ThreatLabz, which discovered the loader strain in April 2024.

Recent cyberattacks targeting the nation's healthcare system have demonstrated the vulnerability of hospitals and payment systems. In January of 2024, the Department of Health and Human Services launched a healthcare cybersecurity gateway website to simplify access to the Department's healthcare-specific cybersecurity information and resources and published voluntary Healthcare and Public Health Cybersecurity Performance Goals designed to help healthcare institutions plan and prioritize high-impact cybersecurity practices.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

With Windscribe VPN, you can improve your security online by blocking ads, covering your browsing data and blocking your network behind a firewall. Normally, a Windscribe VPN Three-Year Pro Subscription would be $207, but you can get it for the best price online of $69.97 through May 12.

There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are "Not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability." On April 12, Palo Alto Networks warned about limited attacks against internet-exposed firewalls, likely by a state-backed threat actor, who managed to install backdoors, grab sensitive data, and move laterally through target organizations' networks.

A vulnerability in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. According to Censys, there are currently 9,600+ publicly-exposed CrushFTP hosts, mostly in North America and Europe.