Critical authentication bypass flaw in multiple VMware products
VMware urges customers to immediately patch a critical authentication bypass flaw affecting multiple products.
Two vulnerabilities allows attackers with backdoor access to gain admin privileges on multiple VMware products -- and that's not a good thing.
Bruno Lopez of Innotec Security w... Read more
Use of malicious PHP code by hackers leads to stolen credit card data
Te FBI states that unidentified hackers created a backdoor into a victim’s system and accessed their credit card data.
The FBI has issued a warning stating that unidentified individuals have been scraping credit card data from the checkout pages of US websites and E-commerce business owners ar... Read more
Backdoor in public code repository presents a new security threat
A new form of attack has been used to target big tech firms using "dependency confusion"
A professional tester has created a backdoor that researchers found hiding inside open source code targeting four German companies, according to a report in Ars Technica. The tester was checking clients’ r... Read more
The European wind energy industry is facing a slew of cyberattacks
Since the start of the crisis in Ukraine, cyberattacks on three European wind-energy businesses have prompted fears that Russian-friendly hackers are attempting to wreak havoc in a sector that stands to profit from attempts to reduce reliance on Russian oil and gas.
The hacked firms haven't offi... Read more
Ukraine asks for cyber assistance from underground hackers
According to two persons familiar with the initiative, the Ukrainian government is looking for participants from the country's hacker community to assist secure key infrastructure and undertake cyber-surveillance missions against Russian forces.
When Russian forces stormed towns across Ukraine o... Read more
Intel expands its Bug Bounty program, brings together elite hackers
Intel has extended its bounty program. With the help of the latest security advancements and a community of professional hackers, Intel wants to redefine vulnerability management.
Project Circuit Breaker gathers hackers to look for flaws in graphics processing units, firmware, processors, h... Read more
Hackers use Google Doc comment emails to trick security tools
Avanan, a cybersecurity company, has shown a rise in the use of Google Docs’ productivity features to sneak malicious content past spam filters and security tools. Jeremey Fuchs, from Avanan, said the company saw cyberattackers use the comment feature in Google Docs over December to attack Outloo... Read more
Sophisticated malware from PyPI was downloaded more than 41,000 times
PyPI, the open-source repository used by both large and small organizations to download code libraries, was hosting 11 malicious packages that were downloaded more than 41k times in one of the latest reports of an incident of this nature.
JFrog found the software supply chain risk. This security... Read more
‘Trojan Source’ can inject malware into source code undetected
A new research paper has been published with details about a new technique that can be exploited to inject malware into source code without being detected. Named ‘Trojan Source' by Cambridge University researchers, the method involves the manipulation of source file encoding so that human viewers... Read more
Microsoft: Russia behind 58% of all state-sponsored hacks
The attacks mostly targeted government agencies and think tanks in the United States, Ukraine and U.K.
Russia was behind 58 percent of all state-backed cyber attacks carried out over the past year on Western targets, according to new research conducted by Microsoft. The report also found that Ch... Read more