HPE told the SEC that Russian state-sponsored threat group Midnight Blizzard had access to an email system for several months.
The post HPE Says Russian Government Hackers Had Access to Emails for 6 Months appeared first on SecurityWeek.
Major US, UK Water Companies Hit by Ransomware
Two major water companies, Veolia in the US and Southern Water in the UK, have been targeted in ransomware attacks that resulted in data breaches.
The post Major US, UK Water Companies Hit by Ransomware appeared first on SecurityWeek.
Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire
VexTrio is a traffic direction system (TDS) with more than 60 affiliates feeding an unknown number of malicious campaigns.
The post Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire appeared first on SecurityWeek.
Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure
The Atlassian Confluence vulnerability CVE-2023-22527 is being exploited in the wild just days after it was disclosed.
The post Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure appeared first on SecurityWeek.
Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs
A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives.
The post Microsoft Says Russian Gov Hackers Stole Email Data from Senior Execs appeared first on SecurityWeek.
VMware vCenter Server Vulnerability Exploited in Wild
VMware warns customers that CVE-2023-34048, a vCenter Server vulnerability patched in October 2023, is being exploited in the wild.
The post VMware vCenter Server Vulnerability Exploited in Wild appeared first on SecurityWeek.
Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns
Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information.
The post Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns appeared first on SecurityWeek.
Google Warns of Chrome Browser Zero-Day Being Exploited
The exploited zero-day, tagged as CVE-2024-0519, is described as an out-of-bounds memory access issue in the V8 JavaScript engine.
The post Google Warns of Chrome Browser Zero-Day Being Exploited appeared first on SecurityWeek.
Hacker Conversations: HD Moore and the Line Between Black and White
SecurityWeek talked to HD Moore, best known as the founder and original developer of Metasploit.
The post Hacker Conversations: HD Moore and the Line Between Black and White appeared first on SecurityWeek.
Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins
The recently disclosed Ivanti VPN zero-days have been exploited to hack at least 1,700 devices, including government, telecoms, defense, and tech.
The post Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins appeared first on SecurityWeek.
