Recent Security News
-
Hacker Behind $2 Million Cryptocurrency Mining Scheme Arrested in Ukraine
January 15, 2024 at 02:30PM Ukrainian Police and Europol arrested a 29-year-old individual in Mykolaiv, Ukraine, suspected of orchestrating a $2 million cryptojacking scheme. The attacker targeted a major ecommerce company, hacking over 1,500 user accounts and infecting the service with cryptocurrency mining malware. Authorities are investigating potential accomplices and the suspect’s ties to pro-Russian…
-
Windows SmartScreen flaw exploited to drop Phemedrone malware
January 15, 2024 at 01:34PM Phemedrone malware exploits Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass security prompts in Windows. It steals data from web browsers, cryptocurrency wallets, and apps like Discord and Steam. The flaw was fixed in November 2023, but unpatched systems remain at risk. Trend Micro researchers have identified the specific apps and…
-
Over 178,000 SonicWall firewalls vulnerable to RCE, DoS attacks
January 15, 2024 at 01:34PM Security researchers discovered that more than 178,000 SonicWall firewalls with exposed online management interfaces are vulnerable to denial-of-service and remote code execution attacks. These vulnerabilities affect a large number of appliances and can lead to serious security risks. Users are advised to take measures to protect their devices from these…
-
Patch time: Critical GitLab vulnerability exposes 2FA-less users to account takeovers
January 15, 2024 at 12:41PM GitLab admins must urgently apply the latest security patches due to a critical account-bypass vulnerability (CVE-2023-7028) impacting versions 16.1.0 to 16.7.1. Attackers can exploit it to send password reset emails and potentially take over accounts. Enabling 2FA is recommended as a stop-gap mitigation. Other vulnerabilities (CVE-2023-5356, CVE-2023-4812, CVE-2023-6955, and CVE-2023-2030)…
-
Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows
January 15, 2024 at 11:44AM The Guardio Labs research team has revealed a security flaw, dubbed MyFlaw, in the Opera web browser for Windows and macOS, allowing execution of files on the operating system. The flaw exploits the My Flow feature, prompting updates on Nov 22, 2023, to address it. The vulnerability emphasizes the need…