Please turn on your JavaScript for this page to function normally.
CrushFTP zero-day exploited by attackers, upgrade immediately! (CVE-2024-4040)

A vulnerability (CVE-2024-4040) in enterprise file transfer solution CrushFTP is being exploited by attackers in a targeted fashion, according to Crowdstrike. The …

Attack velocity surges with average breakout time down to only 62 minutes

The speed of cyberattacks continues to accelerate at an alarming rate, according to CrowdStrike. Adversaries increasingly exploit stolen credentials The speed of cyberattacks …

AnyDesk has been hacked, users urged to change passwords

AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked and their …

Windows injection
“Pool Party” process injection techniques evade EDRs

SafeBreach researchers have discovered eight new process injection techniques that can be used to covertly execute malicious code on Windows systems. Dubbed “Pool …

Cybertech Europe 2023
Photos: Cybertech Europe 2023

The Cybertech Europe conference and exhibition takes place at La Nuvola Convention Center in Rome, and features the latest innovative solutions from dozens of companies and …

North Korea
North Korean hackers targeted tech companies through JumpCloud and GitHub

North Korean state-sponsored hackers have been linked to two recent cyberattack campaigns: one involving a spear-phishing attack on JumpCloud and the other targeting tech …

Infosecurity Europe 2023
Infosecurity Europe 2023 video walkthrough

Infosecurity Europe 2023 is taking place in London this week, and this video provides a closer look at this year’s event.

Infosecurity Europe 2023
Photos: Infosecurity Europe 2023

Infosecurity Europe 2023 is taking place at ExCeL London from 20-22 June 2023 and Help Net Security is on site. The second gallery is available here. Here’s a closer …

3CX customers targeted via trojanized desktop app

Suspected state-sponsored threat actors have trojanized the official Windows desktop app of the widely used 3CX softphone solution, a number of cybersecurity companies began …

Rackspace ransomware attack was executed by using previously unknown security exploit

The MS Exchange exploit chain recently revealed by Crowdstrike researchers is how the Play ransomware gang breached the Rackspace Hosted Exchange email environment, the …

January 2023 Patch Tuesday forecast: Procrastinate at your own risk

The start of a new year means it’s time to start working towards achieving your annual resolutions. Based on the headlines from the December news media, perhaps the most …

Microsoft Exchange
New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)

Ransomware-wielding attackers are using a new exploit chain that includes one of the ProxyNotShell vulnerabilities (CVE-2022-41082) to achieve remote code execution on …

Don't miss

Cybersecurity news