Tag: Microsoft

Cybersecurity

CISA warns of remote code execution vulnerability with Discourse

54 mins ago
admin

Open Source CISA urged developers to update Discourse versions 2.7.8 and earlier in a notice sent out on Sunday, warning that a remote code execution vulnerability was tagged as “critical.” …

add on Cybersecurity Cybersecurity News Mozilla Remote Code Execution Vulnerability

Malicious Firefox Add-ons Blocked

4 hours ago
admin

Mozilla Firefox is a free and open-source web browser that displays online pages using the Gecko rendering engine, which adheres to current and future web standards. What Happened? Mozilla disabled…

APT Cybersecurity Cybersecurity News Nobelium nobelium hacking group SolarWinds tech resellers

Nobelium APT Group: A New Supply Chain Attack where Tech Resellers Are Targeted

4 hours ago
admin

Nobelium APT group, the one behind the famous SolarWinds attack and also associated with Russia’s spy agency, seems to reenter the threat landscape scene. This time its targets are tech resellers,…

Cybersecurity

Nearly all US execs have experienced a cybersecurity threat, but some say there's still no plan

5 hours ago
admin

A new survey suggests the majority of US executives have encountered a cybersecurity incident but this has not translated into the creation of incident response plans. On Tuesday, Deloitte published…

Cloud Cyber Attack Cyber Attacks Cybersecurity Hacking Hacking News Nobelium Russia Security SolarWinds

SolarWinds hackers, Nobelium, hit cloud providers and resellers

16 hours ago
admin

So far, Microsoft has informed 140 companies about the new attack campaign being carried out by Nobelium 14 of which were compromised by the group. The IT security researchers at…

Cybersecurity Hacks Malware Vulnerabilities Web Security

BillQuick Billing App Rigged to Inflict Ransomware

18 hours ago
admin

A SQL injection bug in the BillQuick billing app has not only leaked sensitive information, it’s also let malicious actors remotely execute code and deploy ransomware. Threat actors are picking…

Cybersecurity Hacks Malware Vulnerabilities Web Security

BQE Web Suite Billing App Rigged to Inflict Ransomware

18 hours ago
admin

An SQL-injection bug in the BQE Web Suite billing app has not only leaked sensitive information, it’s also let malicious actors execute code and deploy ransomware. Threat actors have been…

breach Cybersecurity Government Hacks Web Security

SolarWinds APT Targets Tech Resellers in Latest Supply-Chain Cyberattacks

20 hours ago
admin

The Nobelium group, linked to Russia’s spy agency, is looking to use resellers as a path to infiltrate their valuable downstream customers – and it’s working. The SolarWinds attackers –…

cozy bear Cybersecurity Geopolitics Government Microsoft Nobelium Russia SolarWinds SVR Technology Threats Tom Burt

Latest Russian espionage activity is broader than SolarWinds-style hacking effort, Microsoft's Tom Burt says

21 hours ago
admin

Written by Tim Starks Oct 25, 2021 | CYBERSCOOP An apparent espionage campaign from the same Russian hacking group that breached the U.S. federal contractor SolarWinds in 2020 differed from…

Crypto crypto-mining malware Cybersecurity Cybersecurity News Malware

A Well-Known NPM Library Was Hijacked

1 day ago
admin

User-Agent data is utilized by UA-Parser-JS in applications and webpages to determine the type of device or browser a user is using. A remote attacker might gain access to sensitive…