+84949482065
Google says that in 2021, it has sent more than 50,000 warnings of state-sponsored phishing and other attacks targeting its customers. A security engineer from Google’s Threat Analysis group (TAG)…
The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to cause a denial of service…
VirusTotal has published a report detailing its findings from analyzing 80 million ransomware samples. VirusTotal says that of those samples, 95 percent targeted Windows machines. The report breaks down ransomware…
Microsoft says that in August, it defended an Azure customer from a UDP reflection distributed denial-of-service (DDoS) attack that at its peak was measured at 2.4 terabits per second (Tbps).…
Microsoft’s October security release includes fixes for more than 70 issues, including a zero-day privilege elevation vulnerability in Win32 Driver that is being actively exploited. The batch fixes three additional…
A Let’s Encrypt root certificate expired, disrupting some popular websites and services. There has been advance warning that the IdentTrust DST Root CA X3 certificate would expire on September 30.…
OpenVPN Monitor versions 1.1.3 and below suffer from an injection vulnerability that allows an attacker to inject arbitrary commands into the OpenVPN server management interface socket. More https://packetstormsecurity.com/files/164278/OpenVPN-Monitor-1.1.3-Command-Injection.html
Syniverse, a company that manages SMS routing for major US carriers, has disclosed that attackers had access to its databases for five years. In a filing with the US Securities…
Apache has released a second update for its HTTP Web Server after an initial fix was deemed incomplete. Apache’s first fix for the path traversal vulnerability (CVE-2021-41773) was released in…
