BotenaGo botnet targets millions of IoT devices with 33 exploits
A new BotenaGo malware botnet has been discovered using over thirty exploits to attack millions of routers and IoT devices. [...]
Cloud Attack Analysis Unearths Lessons for Security Pros
Researchers detail their investigation of a cryptomining campaign stealing AWS credentials and how attackers have evolved their techniques.
Magniber ransomware gang now exploits Internet Explorer flaws in attacks
The Magniber ransomware gang is now using two Internet Explorer vulnerabilities and malicious advertisements to infect users and encrypt their…
Gmail accounts are used in 91% of all baiting email attacks
Bait attacks are on the rise, and it appears that actors who distribute this special kind of phishing emails prefer…
New Application Security Toolkit Uncovers Dependency Confusion Attacks
The Dependency Combobulator is an open source Python-based toolkit that helps developers discover malicious software components that may have accidentally…
Microsoft patches Excel zero-day used in attacks, asks Mac users to wait
During this month's Patch Tuesday, Microsoft has patched an Excel zero-day vulnerability exploited in the wild by threat actors. [...]
Researcher Details Vulnerabilities Found in AWS API Gateway
AWS fixed the security flaws that left the API service at risk of so-called HTTP header-smuggling attacks, says the researcher…
NUCLEUS:13 TCP security bugs impact critical healthcare devices
Researchers today published details about a suite of 13 vulnerabilities in the Nucleus real-time operating system (RTOS) from Siemens that…
Microsoft Fixes Exchange Server Zero-Day
November security update contains patches for 55 bugs — including six zero-days across various products.
Microsoft Patch Tuesday, November 2021 Edition
Microsoft Corp. today released updates to quash at least 55 security bugs in its Windows operating systems and other software.…