+84949482065
Studies from two security firms suggest that ransomware victims are increasingly refusing to pay the attackers’ demands. According to Chainalysis, ransomware payments fell from $766 million in 2021 to $457…
Cisco has released updates to fix an improper user input validation vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME).…
Health sector breaches recently reported to the US Department of Health and Human Services (HHS) include a network disruption affecting more than 250,000 patients at Bay Bridge Administrators, a network…
Researchers from Ermetic have detailed their findings of a cross-site request forgery vulnerability affecting Azure cloud services. The flaw, dubbed EmojiDeploy, can be exploited to achieve remote code execution. The…
As of the 10th of January 2023, Windows 7, 8, and 8.1, and Windows Server 2008 R2 will no longer receive patches from Microsoft. Millions of devices will now become…
Fortinet says that an unknown threat actor exploited a critical flaw in its FortiOS SSL-VPN to infect systems at government and government-related organizations. Fortinet released a fix for the heap-based…
Hackers are exploiting a known critical vulnerability in the Web Control Panel web hosting interface. The unauthenticated remote code execution flaw was patched in October 2022; users are urged to…
A researcher discovered a massive campaign using more than 1,300 domains to masquerade as the official AnyDesk site, which redirects the victim to a Dropbox folder that deploys Vidar info-stealer.…
The official websites of Denmark’s central bank and seven other private banks, along with IT solutions provider Bankdata, were hit by a series of DDoS attacks. More information here https://www.reuters.com/technology/denmarks-central-bank-website-hit-by-cyberattack-2023-01-10/
According to data gathered by the Shadowserver Foundation, more than 60,000 Microsoft Exchange servers remain unpatched against a known remote code execution vulnerability (CVE-2022-41082) that is exploited by ProxyNotShell. Microsoft…
