ESXiArgs ransomware attack targets VMware ESXi servers worldwide
Attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware
Read More...
Atlassian warns of critical Jira Service Management auth flaw
The security issue affects versions 5.3.0 through 5.5.0 - hackers can get access to a Jira Service Management instance under certain circumstances
Read More...
QNAP fixes a critical bug that lets hackers inject malicious code
The vulnerability is tracked as CVE-2022-27596 and rated by the company as 'Critical' (CVSS v3 score: 9.8), impacting QTS 5.0.1 and QuTS hero h5.0.1 versions of the operating system
Read More...
New DDoS-as-a-Service platform used in recent attacks on hospitals
"Passion" offers the option of ten attack vectors, allowing subscribers to customize their attack as needed and even combine vectors to bypass mitigations implemented by the target
Read More...
New Exploit for Chromebook Unenrolls Managed ChromeOS Devices
A new exploit has been devised to "unenroll" enterprise- or school-managed Chromebooks from administrative control
Read More...
Microsoft urges admins to patch on-premises Exchange servers
To defend your Exchange servers against attacks that exploit known vulnerabilities, you must install the latest supported CU
Read More...
Bitwarden password vaults targeted in Google ads phishing attack
When protecting your password vaults from phishing attacks, the first line of defense is always to confirm you're entering your credentials on the correct website
Read More...
Federal agencies hacked using legitimate remote desktop tools
The attackers behind this campaign began sending help desk-themed phishing emails to federal staff's government and personal email addresses since at least mid-June 2022
Read More...
VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities
Two of the flaws are critical, carrying a severity rating of 9.8 out of a maximum of 10, the virtualization services provider noted in its first security bulletin for 2023
Read More...
LastPass Parent Company GoTo Suffers Data Breach, Customers’ Backups Compromised
The breach, which targeted a third-party cloud storage service, impacted Central, Pro, join.me, Hamachi, and RemotelyAnywhere products
Read More...