Recent Security News
-
CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day
February 13, 2024 at 03:16PM Water Hydra exploited the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) targeting financial market traders. The Trend Micro Zero Day Initiative discovered and disclosed this, cooperating with Microsoft to ensure a rapid patch. Water Hydra also used similar tactics in a campaign targeting traders. The group’s attack patterns reflect high levels…
-
QNAP vulnerability disclosure ends up an utter shambles
February 13, 2024 at 03:05PM QNAP has disclosed and patched two vulnerabilities, including a zero-day, affecting its NAS devices. The severity of the issues is disputed, with QNAP rating one as mid-level and Unit 42 as a critical threat. The vulnerabilities can lead to remote code execution and affect numerous devices, with specific patch recommendations…
-
Aircraft Leasing Company Acknowledges Cyberattack in SEC Filing
February 13, 2024 at 03:05PM Willis Lease Finance Corp. reported a cybersecurity incident on Jan. 31, resulting in offline systems. Unauthorized activity was discovered, prompting an investigation alongside cybersecurity experts. While the group behind the incident remains unidentified, the Black Basta ransomware group claimed to have stolen 910GB of data from the company, including customer…
-
Microsoft Confirms Windows Exploits Bypassing Security Features
February 13, 2024 at 02:57PM Microsoft has issued a large set of security software updates, highlighting three vulnerabilities being exploited in live malware attacks. The updates address 72 security flaws in the Windows ecosystem, warning of risks including remote code execution and privilege escalation. Meanwhile, Adobe has patched 30 security flaws and urged users to…