Germany blocks BadBox malware loaded on 30,000 Android devices
Germany's Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices…
Patch Tuesday, December 2024 Edition
Microsoft today released updates to plug at least 70 security holes in Windows and Windows software, including one vulnerability that…
Actively Exploited Zero-Day, Critical RCEs Lead Microsoft Patch Tuesday
The zero-day (CVE-2024-49138), plus a worryingly critical unauthenticated RCE security vulnerability (CVE-2024-49112), are unwanted gifts for security admins this season.
Microsoft NTLM Zero-Day to Remain Unpatched Until April
The second zero-day vulnerability found in Windows NTLM in the past two months paves the way for relay attacks and…
OpenWrt Sysupgrade flaw let hackers push malicious firmware images
A flaw in OpenWrt's Attended Sysupgrade feature used to build custom, on-demand firmware images could have allowed for the distribution of malicious…
QR codes bypass browser isolation for malicious C2 communication
Mandiant has identified a novel method to bypass contemporary browser isolation technology and achieve command-and-control C2 operations. [...]
New Windows zero-day exposes NTLM credentials, gets unofficial patch
A new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing…
Romania’s election systems targeted in over 85,000 cyberattacks
A declassified report from Romania's Intelligence Service says that the country's election infrastructure was targeted by more than 85,000 cyberattacks.…
Bypass Bug Revives Critical N-Day in Mitel MiCollab
A single barrier prevented attackers from exploiting a critical vulnerability in an enterprise collaboration platform. Now there's a workaround.
White House: Salt Typhoon hacked telcos in dozens of countries
Chinese state hackers, known as Salt Typhoon, have breached telecommunications companies in dozens of countries, President Biden's deputy national security…