Skip to content

Home
Breaches
Threats
Compliance
Trends
Tools
Insights

About Us

Cyber Threats

October 5, 2021

9 out of 10 Malware Delivered via HTTPS Encrypted Connections

The latest Internet Security Report from WatchGuard Technologies has confirmed the majority of malware infections occur via HTTPS encrypted connections, which demonstrates the importance of ...

September 23, 2021

Microsoft Discovers Large-scale Phishing-as-a-Service Operation

Microsoft has discovered a major phishing-as-a-service operation that it says is behind many phishing attacks on businesses over the past 3 years. Phishing is one ...

September 23, 2021

macOS Finder Zero Day Vulnerability Allows Remote Code Execution

A currently unpatched zero-day vulnerability in the macOS Finder system can be exploited using a malicious email attachment to remotely execute arbitrary code. The vulnerability ...

September 17, 2021

CISA and FBI Warn of Nation State Hackers Exploiting Critical Zoho Vulnerability

A critical vulnerability affecting the Zoho single-sign-on and password management solution is being actively exploited by advanced persistent threat (APT) groups and has been since ...

August 31, 2021

CISA: Address Microsoft Azure Cosmos DB Vulnerability Now

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging all public and private sector organizations to address a recently discovered vulnerability in the Jupyter ...

August 19, 2021

Phishing Costs Large U.S. Companies $14.8 Million a Year

The cost of phishing attacks has risen fourfold over the past 6 according to the 2021 Cost of Phishing Report published by Proofpoint. Large companies ...

July 30, 2021

Have You Patched These 30 Frequently Exploited Vulnerabilities?

A joint cybersecurity advisory has been published by CISA, the FBI, the Australian Cyber Security Center, and the UK’s National Cyber Security Center about the ...

July 21, 2021

Hundreds of Millions of Windows Computers Have 16-Year Old Printer Driver Vulnerability

A high severity privilege escalation vulnerability has been identified in HP printer drivers, which are also used by Samsung and Xerox. Exploitation of the flaw ...

July 21, 2021

Fortinet Issues Patch to Correct Critical RCE Vulnerability in FortiManager and FortiAnalyzer

A critical remote code execution use-after-free vulnerability has been identified that affects Fortinet’s FortiManager and FortiAnalyzer network management solutions. If exploited, a non-authenticated remote attacker ...

July 20, 2021

MosaicLoader Malware Downloader Distributed Via Internet Ads for Cracked Software

Bitdefender security researchers have identified a new malware variant dubbed MosaicLoader, which is being distributed in a worldwide campaign disguised as cracked software. The malware ...

July 13, 2021

Patches Released to Fix 3 Actively Exploited Flaws and 9 Zero Days on July 2021 Patch Tuesday

July 2021 Patch Tuesday has seen Microsoft release patches to fix 116 vulnerabilities across its range of products: 12 critical flaws, 3 actively exploited vulnerabilities, ...

July 9, 2021

Fake Kaseya Updates Used in Phishing Campaign to Deliver Cobalt Strike Backdoors

A phishing campaign has been detected by Malwarebytes Threat Intelligence researchers which targets managed service provider customers of Kaseya. The emails claim to provide a ...

July 2, 2021

PoC Exploit Released for Unpatched Windows Print Spooler RCE Vulnerability

A critical Windows Print Spooler remote code execution vulnerability has been identified, a Proof of Concept (PoC) exploit for which has been leaked online. The ...

June 22, 2021

COVID-19 Vaccination Lure Used in Phishing Campaign Distributing the Agent Tesla RAT

A new phishing campaign has been detected that is being used to distribute the Agent Tesla Remote Access Trojan (RAT). The phishing campaign was identified ...

June 11, 2021

SonicWall VPN Vulnerability Exploited in Attacks on Legacy SRA Appliances

Researchers at CrowdStrike have confirmed cyber threat actors exploiting a SonicWall VPN vulnerability to attack Secure Remote Access (SRA) 4600 devices. The vulnerability, tracked as ...

June 10, 2021

Alleged TrickBot Malware Developer Facing Decades in Jail

The U.S. Department of Justice has announced a Latvian malware developer has been arraigned on a 19-count indictment for her role in the creation and ...

June 9, 2021

New Malware Discovered Targeting Windows Containers to Plant Backdoors in Kubernetes Clusters

A new malware variant has been discovered that is believed to be the first to target Windows containers. The malware, discovered by Daniel Prizmant of ...

June 8, 2021

Critical VMware vCenter Server Vulnerability Under Active Exploitation

The critical VMware vCenter Server vulnerability CVE-2021-21985 is being actively exploited in the wild. There have been several successful exploits of the 9.8/10 severity vulnerability ...

June 2, 2021

FBI Warns of APT Groups Exploiting Fortinet Vulnerabilities

The Federal Bureau of Investigation (FBI) has issued a Flash Alert warning of the continued exploitation of Fortinet Fortigate vulnerabilities by Advanced Persistent Threat (APT) ...

May 28, 2021

VMware Patches Critical Vulnerability in vCenter Server

A patch has been released to fix a critical severity vulnerability in VMware’s virtualization management platform, vCenter Server. The vulnerability could be remotely exploited by ...

May 25, 2021

Apple Patches Actively Exploited Zero-Day MacOS Vulnerability

Apple has released a patch to fix a zero-day vulnerability in macOS that is being actively exploited in the wild. The macOS vulnerability, tracked as ...

May 24, 2021

SQL Injection Vulnerability in WP Statistics WordPress Plugin Allows Theft of Database Information

A bug has been identified in a popular WordPress app that allows an unauthenticated attacker to steal sensitive database information. The WP Statistics plugin provides ...

May 21, 2021

Large-Scale Malspam Campaign Detected Delivering the STRRAT Remote Access Trojan

Microsoft has issued a warning about a massive malspam campaign that is being used to deliver the STRRAT remote access trojan (RAT). The campaign is ...

May 19, 2021

Studies Provide Insights into Vulnerability Exploitation and the Best Patching Policies

If you want to prevent threat actors from exploiting vulnerabilities and gaining access to your network, you need to make sure you patch promptly, but ...

May 12, 2021

Adobe Patches 43 Vulnerabilities Including 1 Actively Exploited Flaw in Acrobat/Reader

May 2021 Patch Tuesday has seen Adobe issue 43 updates to fix vulnerabilities in 12 different products, including a patch to fix a vulnerability in ...

May 11, 2021

Train Company Under Fire for Insensitive Phishing Simulation Emails

Phishing simulations are an important way to test resilience to phishing attacks, but a British train company has discovered these campaigns can easily backfire if ...

May 5, 2021

Trifecta of Sophisticated Malware Distributed in Spear Phishing Campaign

Three new sophisticated malware variants are being distributed by an Advanced Persistent Threat (APT) group in a large-scale global phishing campaign, according to a new ...

May 4, 2021

Patch Released for Actively Exploited Pulse Connect Secure VPN Vulnerability

Pulse Secure has released a patch for the actively exploited zero-day vulnerability – CVE-2021-22893 – in the Pulse Connect Secure SSL VPN appliance. Last week, ...

April 29, 2021

Phishing Campaign Impersonates Click Studios to Deliver New Moserpass Malware Variant

Last week, Click Studios alerted users of the Passwordstate enterprise password manager about a supply chain attack in which hackers successfully compromised the In-Place Upgrade ...

April 27, 2021

Apple Patches Zero-day Flaw Actively Exploited by Shlayer Malware

An actively exploited zero-day vulnerability in macOS has been patched by Apple. The vulnerability, one of the most serious flaws in macOS to be discovered, ...

Previous 1…4 567 8…18 Next

Free Newsletter

Receive security news directly
via email

Leave this field empty if you're human:

Confidentiality Guaranteed

Email address never shared,
unsubscribe any time

Last Feed

Security Breaches

Former Maryland Pharmacist Indicted Over Alleged Cyber Spying Scheme

Security Breaches

Dove Healthcare Management Services Resolves Data Breach Affecting Patient and Employee Information

OCR Imposes $1,165,000 in HIPAA Penalties on Four Covered Entities

Security Breaches

Brockton Hospital Implements Downtime Procedure After Ransomware Attack

NetSec.News

NetSec is your leading source for the latest updates and insights on IT security. We cover a wide range of topics including security breaches, emerging cyber threats, compliance regulations, industry trends, and best practices. Stay informed and protected with our expertly curated content.

Categories

Trends & Reports

Tools & Practices

Follow us

Newsletter

Leave this field empty if you're human:

Confidentiality Guaranteed. Consult our Privacy Policy.

Editorial charter

Submit Publication

© 2016-2024 NetSec.news. All rights reserved.

Home
Breaches
Threats
Compliance
Trends
Tools
Insights

Subscribe to our free

Newsletter

Latest IT security news directly by email

Leave this field empty if you're human:

* Consult our Privacy Policy

Subscribe to our free

Newsletter

Latest IT security news directly by email

Leave this field empty if you're human:

* Consult our Privacy Policy

Search for: