Security News

Upgrade Your Cybersecurity With This VPN That’s Only $70 for Three Years
2024-05-09 13:00

With Windscribe VPN, you can improve your security online by blocking ads, covering your browsing data and blocking your network behind a firewall. Normally, a Windscribe VPN Three-Year Pro Subscription would be $207, but you can get it for the best price online of $69.97 through May 12.

Palo Alto firewalls: CVE-2024-3400 exploitation and PoCs for persistence after resets/upgrades
2024-04-30 12:44

There are proof-of-concept techniques allowing attackers to achieve persistence on Palo Alto Networks firewalls after CVE-2024-3400 has been exploited, the company has confirmed on Monday, but they are "Not aware at this time of any malicious attempts to use these persistence techniques in active exploitation of the vulnerability." On April 12, Palo Alto Networks warned about limited attacks against internet-exposed firewalls, likely by a state-backed threat actor, who managed to install backdoors, grab sensitive data, and move laterally through target organizations' networks.

CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)
2024-04-23 09:50

A vulnerability in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. According to Censys, there are currently 9,600+ publicly-exposed CrushFTP hosts, mostly in North America and Europe.

NordPass Free vs. Premium: Is It Worth the Upgrade?
2024-02-29 23:24

NordPass offers both Free and Premium versions. Learn about the differences and features of each version to determine which one is right for you.

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits
2024-02-09 16:32

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than...

Microsoft fixes Copilot issue blocking Windows 11 upgrades
2024-02-08 21:35

Microsoft has lifted a compatibility hold that blocked upgrades to Windows 11 23H2 after resolving an issue that caused desktop icons to move erratically when using Windows Copilot on multi-monitor systems. This known issue impacts home users running Windows 10 22H2, Windows 11 22H2, and Windows 11 23H2. It doesn't affect managed devices because Copilot for Windows has yet to roll out on enterprise systems.

URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite
2024-01-30 16:18

GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating...

Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload
2024-01-11 11:40

Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its...

Tech upgrades for first responders are a necessity, not a luxury
2023-12-29 04:30

Public safety professionals want technology upgrades and adoption of federal standards for first responder IT security, reporting and efficiency, according to Mark43. "We heard a resounding response from first responders across the country: They are concerned about their public safety agency's ability to withstand cyberattacks and natural disasters, given the ever-increasing number and severity of bad actors attacking public infrastructure as well as the uptick in extreme weather incidents," said Matthew Polega, President, Mark43.

New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164)
2023-12-08 11:48

The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution. The vulnerability affects Apache Struts versions 2.0.0 through 2.5.32 and 6.0.0 through 6.3.0.1, and has been fixed in Apache Struts versions 2.5.33 and 6.3.0.2.