The high-severity CVE-2024-6387 in OpenSSH is a reintroduction of a 2006 flaw, and it allows unauthenticated RCE as root.
...moreSummary
Top Articles:
- Multiple Windows, Adobe Zero-Days Anchor Knotweed Commercial Spyware
- Fake WinRAR PoC Exploit Conceals VenomRAT Malware
- Russia-Sponsored Cyberattackers Infiltrate Microsoft's Code Base
- Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message
- Kinsing Cyberattackers Debut 'Looney Tunables' Cloud Exploits
- Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes
- 'RegreSSHion' Bug Threatens Takeover of Millions of Linux Systems
- Capital One Attacker Exploited Misconfigured AWS Databases
- Microsoft Set to Retire Grunge-Era VBScript, to Cybercrime's Chagrin
- Cloudflare Falls Victim to Okta Breach, Atlassian Systems Cracked
'RegreSSHion' Bug Threatens Takeover of Millions of Linux Systems
Published: 2024-07-01 19:38:55
Popularity: 25
Author: Tara Seals, Managing Editor, News, Dark Reading
LLM Says: "Linux takeover"
Russia-Sponsored Cyberattackers Infiltrate Microsoft's Code Base
Published: 2024-03-08 17:22:50
Popularity: 45
Author: Tara Seals, Managing Editor, News, Dark Reading
The Midnight Blizzard APT is mounting a sustained, focused cyber campaign against the computing kahuna, using secrets it stole from emails back in January.
...moreCloudflare Falls Victim to Okta Breach, Atlassian Systems Cracked
Published: 2024-02-02 13:00:00
Popularity: 16
Author: Tara Seals, Managing Editor, News, Dark Reading
The cyberattackers, believed to be state sponsored, didn't get far into Cloudflare's global network, but not for lack of trying.
...moreGlobal TeamCity Exploitation Opens Door to SolarWinds-Style Nightmare
Published: 2023-12-13 23:26:00
Popularity: 5
Author: Tara Seals, Managing Editor, News, Dark Reading
Russia's APT29 is going after a critical RCE flaw in the JetBrains TeamCity software developer platform, prompting governments worldwide to issue an urgent warning to patch.
...moreKinsing Cyberattackers Debut 'Looney Tunables' Cloud Exploits
Published: 2023-11-06 22:57:00
Popularity: 32
Author: Tara Seals, Managing Editor, News, Dark Reading
Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.
...moreMicrosoft Set to Retire Grunge-Era VBScript, to Cybercrime's Chagrin
Published: 2023-10-12 20:23:45
Popularity: 17
Author: Tara Seals, Managing Editor, News, Dark Reading
Popular malware like QakBot and DarkGate rely on VBScript, which dates back to 1996 — but their days are numbered now that Microsoft is finally deprecating the Windows programming language.
...moreFake WinRAR PoC Exploit Conceals VenomRAT Malware
Published: 2023-09-20 20:09:00
Popularity: 52
Author: Tara Seals, Managing Editor, News, Dark Reading
A supposed exploit for a notable RCE vulnerability in the popular Windows file-archiving utility delivers a big sting for unwitting researchers and cybercriminals.
...moreContainer Verification Bug Allows Malicious Images to Cloud Up Kubernetes
Published: 2022-12-23 18:18:27
Popularity: 29
Author: Tara Seals, Managing Editor, News, Dark Reading
A complete bypass of the Kyverno security mechanism for container image imports allows cyberattackers to completely take over a Kubernetes pod to steal data and inject malware.
...moreMultiple Windows, Adobe Zero-Days Anchor Knotweed Commercial Spyware
Published: 2022-07-27 18:49:47
Popularity: 950
Author: Tara Seals, Managing Editor, News, Dark Reading
Microsoft flagged the company's Subzero tool set as on offer to unscrupulous governments and shady business interests.
...moreCapital One Attacker Exploited Misconfigured AWS Databases
Published: 2022-06-20 21:25:39
Popularity: 25
Author: Tara Seals, Managing Editor, News, Dark Reading
After bragging in underground forums, the woman who stole 100 million credit applications from Capital One has been found guilty.
...moreZero-Click Zoom Bug Allows Code Execution Just by Sending a Message
Published: 2022-05-25 19:21:04
Popularity: 36
Author: Tara Seals, Managing Editor, News, Dark Reading
Google has disclosed a nasty set of six bugs affecting Zoom chat that can be chained together for MitM and RCE attacks, no user interaction required.
...more