The Hacker News Most trusted, widely-read independent cybersecurity news source for everyone; supported by hackers and IT professionals — Send TIPs to [email protected]
- Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Appsby [email protected] (The Hacker News) on April 1, 2023 at 8:33 am
Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that exposed several "high-impact" applications to unauthorized access. "One of these apps is a content management system (CMS) that powers Bing.com and allowed us to not only modify search results, but also launch high-impact XSS attacks on Bing users," cloud security
- Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitationby [email protected] (The Hacker News) on April 1, 2023 at 4:51 am
Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 (CVSS score: 9.8) and CVE-2021-35394 (CVSS score: 9.8) to deliver MooBot and ShellBot (aka PerlBot), Fortinet FortiGuard Labs said in a report published this week. CVE-2022-46169 relates to a critical
- Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk!by [email protected] (The Hacker News) on April 1, 2023 at 4:36 am
Unknown threat actors are actively exploiting a recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress. The flaw, described as a case of broken access control, impacts versions 3.11.6 and earlier. It was addressed by the plugin maintainers in version 3.11.7 released on March 22. "Improved code security enforcement in WooCommerce components," the Tel
- Winter Vivern APT Targets European Government Entities with Zimbra Vulnerabilityby [email protected] (The Hacker News) on March 31, 2023 at 2:07 pm
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them to gain access to the email mailboxes of government entities in Europe," Proofpoint
- Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scamby [email protected] (The Hacker News) on March 31, 2023 at 12:01 pm
The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal gang that set up phishing sites to target European users. Two of the apprehended affiliates are believed to be organizers, with 10 others detained in other territories across the European Union. The suspects are alleged to have created more than 100 phishing
UK Computer Companies - Business Directory Uk - Business listings for computer repair, support and hardware companies
Computer Networking, Network Directory - Computer networking solutions providers and companies