Cyber security aggregate rss news

Cyber security aggregator - feeds history

totals: cyware (7) thehackernews (2)

Researchers Uncover Details on Zero-Day Vulnerability Affecting Zimbra Collaboration and CPIO

cyware Oct 08, 2022 Malware and Vulnerabilities

In September, an attack was reported in the Zimbra forums where a malicious actor was able to upload a JSP web shell into the public directory to execute a command, generating a pre-authentication key to login to an existing account.

Cyber Attack Suspected in Hartnell College Network Outage

cyware Oct 08, 2022 Breaches and Incidents

Hartnell College held an emergency meeting of its governing board this week to discuss the school’s ongoing network outage in response to a potential cybersecurity threat.

State Bar of Georgia Notifies Members and Employees of Cybersecurity Incident

cyware Oct 08, 2022 Breaches and Incidents

The State Bar of Georgia announced that it experienced a cybersecurity incident that resulted in unauthorized access to its systems. After learning of the incident, the State Bar worked to restore its systems safely and resume normal operations.

Toyota Warns Thousands of Customers That They May Get Scam Emails After Data Leak

cyware Oct 08, 2022 Threat Intel & Info Sharing

Around 296,000 pieces of customer information from the T-Connect service might have been leaked. Toyota released a statement warning its customers that they may be at risk of receiving phishing scams or unsolicited emails to their email addresses.

LofyGang hackers built a credential-stealing enterprise on Discord, NPM

cyware Oct 08, 2022 Threat Actors

The 'LofyGang' threat actors have created a credential-stealing enterprise by distributing 200 malicious packages and fake hacking tools on code hosting platforms, such as NPM and GitHub.

LilithBot Malware and Eternity Project's Cybercrime Operation

cyware Oct 08, 2022 Malware and Vulnerabilities

The multi-function malware is being constantly developed by its operators who have added anti-VM checks and anti-debugging features too. LilithBot can steal cookies, screenshots, pictures, and browser history from infected systems.

GitHub Repositories Offer Fake Exploits for Exchange Flaws

cyware Oct 08, 2022 Identity Theft, Fraud, Scams

Microsoft and GTSC disclosed that scammers have jumped on the bandwagon to abuse Exchange flaws by creating GitHub repositories for fake exploits.

Microsoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities

thehackernews Oct 08, 2022 Feed

Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server. To that end, the tech giant has revised the blocking rule in IIS Manager from ".*autodiscover.json.*Powershell.*" to "(?=.*autodiscover.json)(?=.*powershell)." The list of

Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite

thehackernews Oct 08, 2022 Feed

A severe remote code execution vulnerability in Zimbra's enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue. The shortcoming, assigned CVE-2022-41352, carries a critical-severity rating of CVSS 9.8, providing a pathway for attackers to upload arbitrary files and carry out malicious actions on affected

2022-10

2020202120222023202420252026

Aggregator history

Saturday, October 08

SAT

SUN

MON

TUE

WED

THU

FRI