Security News

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

2024-08-22 16:35

SolarWinds has issued patches to address a new security flaw in its Web Help Desk (WHD) software that could allow remote unauthenticated users to gain unauthorized access to susceptible instances....

#credential #solarwinds #vulnerability #WEB

SolarWinds fixes hardcoded credentials flaw in Web Help Desk

2024-08-22 15:01

SolarWinds has released a hotfix for a critical Web Help Desk vulnerability that allows attackers to log into unpatched systems using hardcoded credentials. [...]

#credential #solarwinds #WEB

Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web

2024-08-16 14:25

A 27-year-old Russian national has been sentenced to over three years in prison for peddling financial information, login credentials, and other personally identifying information (PII) on a...

#credential #darkweb #hacker #russian #WEB

SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software

2024-08-15 13:19

SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances. The flaw,...

#critical #patch #solarwinds #WEB #CVE-2024-28986

Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986)

2024-08-15 11:44

SolarWinds has fixed a critical vulnerability in its Web Help Desk solution that may allow attackers to run commands on the host machine. "While it was reported as an unauthenticated vulnerability, SolarWinds has been unable to reproduce it without authentication after thorough testing. However, out of an abundance of caution, we recommend all Web Help Desk customers apply the patch, which is now available," the company advises.

#critical #CVE #RCE #solarwinds #WEB #CVE-2024-28986

SolarWinds fixes critical RCE bug affecting all Web Help Desk versions

2024-08-14 15:22

A critical vulnerability in SolarWinds' Web Help Desk solution for customer support could be exploited to achieve remote code execution, the American business software developer warns in a...

#critical #RCE #solarwinds #WEB

Fraud ring pushes 600+ fake web shops via Facebook ads

2024-07-31 14:14

A malicious fraud campaign dubbed "ERIAKOS" promotes more than 600 fake web shops through Facebook advertisements to steal visitors' personal and financial information. [...]

#facebook #fraud #WEB

FIN7 Group Advertises Security-Bypassing Tool on Dark Web Forums

2024-07-17 10:33

The financially motivated threat actor known as FIN7 has been observed using multiple pseudonyms across several underground forums to likely advertise a tool known to be used by ransomware groups like Black Basta. "AvNeutralizer, a highly specialized tool developed by FIN7 to tamper with security solutions, has been marketed in the criminal underground and used by multiple ransomware groups," cybersecurity company SentinelOne said in a report shared with The Hacker News.

#bypassing #darkweb #fin7 #security #WEB

BunkerWeb: Open-source Web Application Firewall (WAF)

2024-07-10 04:00

BunkerWeb is an open-source Web Application Firewall distributed under the AGPLv3 free license. The solution's core code is entirely auditable by a third party and the community.

#firewall #opensource #WAF #WEB

HUMINT: Diving Deep into the Dark Web

2024-07-09 11:00

Clear Web - Web assets that can be viewed through public search engines, including media, blogs, and other pages and sites. Deep Web - Websites and forums that are unindexed by search engines.

#darkweb #WEB

Security News {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Security News"}]}

Security News