Bypass Bug Revives Critical N-Day in Mitel MiCollab
A single barrier prevented attackers from exploiting a critical vulnerability in an enterprise collaboration platform. Now there's a workaround.
New Android spyware found on phone seized by Russian FSB
After a Russian programmer was detained by Russia's Federal Security Service (FSB) for fifteen days and his phone confiscated, it was…
Onapsis Expands Code Security Capabilities to Accelerate and De-Risk SAP BTP Development Projects
PRESS RELEASE BOSTON, MA — December 4, 2024 – Onapsis, the global leader in SAP cybersecurity and...
Supreme Court to weigh state ban on transgender ‘medical treatments’ for minors
The Supreme Court will consider restrictions on puberty blockers, hormone therapy and gender transition surgery for minors for the first…
Exploit released for critical WhatsUp Gold RCE flaw, patch now
A proof-of-concept (PoC) exploit for a critical-severity remote code execution flaw in Progress WhatsUp Gold has been published, making it…
Veeam warns of critical RCE bug in Service Provider Console
Veeam released security updates today to address two Service Provider Console (VSPC) vulnerabilities, including a critical remote code execution (RCE)…
Police seizes largest German online crime marketplace, arrests admin
Germany has taken down the largest online cybercrime marketplace in the country, named "Crimenetwork," and arrested its administrator for facilitating the…
‘Bootkitty’ First Bootloader to Take Aim at Linux
Though it's still just a proof of concept, the malware is functional and can evade the Secure Boot process on…
BootKitty UEFI malware exploits LogoFAIL to infect Linux systems
The recently uncovered 'Bootkitty' UEFI bootkit, the first malware of its kind targeting Linux systems, exploits CVE-2023-40238, aka 'LogoFAIL,' to…
Novel phishing campaign uses corrupted Word documents to evade security
A novel phishing attack abuses Microsoft's Word file recovery feature by sending corrupted Word documents as email attachments, allowing them…