1395 stories
·
0 followers

Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools

1 Share
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect.  The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending specially crafted

Read the whole story
NerdsToGo
1 minute ago
reply
Share this story
Delete

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation

1 Share
Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild. The list of vulnerabilities is as follows -

Read the whole story
NerdsToGo
1 minute ago
reply
Share this story
Delete

Almost a million ConnectOnCall users may have had data stolen by hackers

1 Share
900,000 patients who called doctors out of hours may have had their information stolen following data breach.

Read the whole story
NerdsToGo
4 days ago
reply
Share this story
Delete

CISA orders federal agencies to secure Microsoft 365 tenants

1 Share
​CISA has issued this year's first binding operational directive (BOD 25-01), ordering federal civilian agencies to secure their Microsoft 365 cloud environments by implementing a list of required configuration baselines. [...]
Read the whole story
NerdsToGo
4 days ago
reply
Share this story
Delete

Critical infrastructure being hit by dangerous new malware - routers, firewalls and fuel systems all under threat

1 Share
Iranian hackers emerge with a new piece of malware, and they're going after gas stations and other critical infrastructure.

Read the whole story
NerdsToGo
7 days ago
reply
Share this story
Delete

Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks

1 Share

IOCONTROL targets IoT and OT devices from a ton of makers, apparently

An Iranian government-linked cybercriminal crew used custom malware called IOCONTROL to attack and remotely control US and Israel-based water and fuel management systems, according to security researchers.…

Read the whole story
NerdsToGo
7 days ago
reply
Share this story
Delete
Next Page of Stories