SafeBreach security researcher Alon Leviev has released his Windows Downdate tool, which can be used for downgrade attacks that reintroduce old vulnerabilities in up-to-date Windows 10, Windows 11, and Windows Server systems. […] Go to Source Author: Sergiu Gatlan
Category Archives: Security
Park’N Fly is warning that a data breach exposed the personal and account information of 1 million customers in Canada after hackers breached its network. […] Go to Source Author: Bill Toulas
External Attack Surface Management (EASM) coupled with Penetration Testing as a Service (PTaaS) can help find those blind spots and hidden assets exposed on your network. Learn more from Outpost24 about how combining EASM and PTaaS can help reveal these hidden pitfalls. […] Go to Source Author: Sponsored by Outpost24
A massive QR code phishing campaign abused Microsoft Sway, a cloud-based tool for creating online presentations, to host landing pages to trick Microsoft 365 users into handing over their credentials. […] Go to Source Author: Sergiu Gatlan
The Chinese state-backed hacking group Volt Typhoon is behind attacks that exploited a zero-day flaw in Versa Director to upload a custom webshell to steal credentials and breach corporate networks. […] Go to Source Author: Lawrence Abrams
Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests. […] Go to Source Author: Sergiu Gatlan
Patelco Credit Union warns customers it suffered a data breach after personal data was stolen in a RansomHub ransomware attack earlier this year. […] Go to Source Author: Bill Toulas
Microsoft is investigating an Exchange Online false positive issue causing emails containing images to be wrongly tagged as malicious and sent to quarantine. […] Go to Source Author: Sergiu Gatlan
Versa Networks has fixed a zero-day vulnerability exploited in the wild that allows attackers to upload malicious files by exploiting an unrestricted file upload flaw in the Versa Director GUI. […] Go to Source Author: Sergiu Gatlan
SonicWall’s SonicOS is vulnerable to a critical access control flaw that could allow attackers to gain access unauthorized access to resources or cause the firewall to crash. […] Go to Source Author: Bill Toulas