Recent Security News

  • Information Stealer Exploits Windows SmartScreen Bypass

    January 15, 2024 at 07:48AM A Windows SmartScreen vulnerability (CVE-2023-36025) is being actively exploited to deliver Phemedrone Stealer malware, as reported by Trend Micro. Despite patches being released, threat actors continue to exploit the bug to bypass Windows Defender SmartScreen protection, leading to infections. The malware, written in C#, can steal a wide range of…

    Read More

  • GitLab Patches Critical Password Reset Vulnerability

    January 15, 2024 at 07:07AM A vulnerability in GitLab’s email verification process (CVE-2023-7028, CVSS score 10) allows attackers to hijack the password reset process by sending reset messages to unverified email addresses. This affects GitLab CE/EE versions 16.1 to 16.7.1, with patches released in versions 16.5.6, 16.6.4, and 16.7.2. Users are advised to update instances…

    Read More

  • Cloud Server Abuse Leads to Huge Spike in Botnet Scanning

    January 15, 2024 at 06:12AM Security solutions provider Netscout has observed a significant increase in botnet scanning activity, with peak numbers reaching 43,000 devices on December 20. The use of free cloud and hosting servers by attackers to create botnet launch pads has risen, allowing for anonymity and low overhead. The scanning represents reconnaissance activity…

    Read More

  • Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches

    January 15, 2024 at 06:12AM Juniper Networks has addressed more than 100 vulnerabilities, including the critical CVE-2024-21591 affecting Junos OS. The flaw could allow attackers to execute arbitrary code or cause a denial-of-service. Additionally, the company has patched high and medium severity flaws in third-party components. No known attacks exploiting these vulnerabilities have been reported.…

    Read More

  • Ransomware protection deconstructed

    January 15, 2024 at 03:55AM Rubrik has selected the top 12 must-see demos of their products, available on demand. The demos cover various aspects, such as reducing complexity, data protection, integrations, and handling data fragmentation. The increasing digital information creates risks, making Rubrik’s data protection management approach valuable. Access The 12 Days of Demos for…

    Read More