McMenamins Data Breach Affects 12 Years of Employee Info
The Pacific Northwest hospitality stalwart is also still operationally crippled by a Dec. 12 ransomware attack. [...]
The Pacific Northwest hospitality stalwart is also still operationally crippled by a Dec. 12 ransomware attack. [...]
A look back at what was hot with readers in this second year of the pandemic. [...]
The security vulnerability could expose passwords and access tokens, along with blueprints for internal infrastructure and finding software vulnerabilities. [...]
A critical privilege-escalation vulnerability could lead to backdoors for admin access nesting in web servers. [...]
There are 17,000npatched Log4j packages in the Maven Central ecosystem, leaving massive supply-chain risk on the table from Log4Shell exploits. [...]
A quarter-billion of those passwords were not seen in previous breaches that have been added to Have I Been Pwned. [...]
Joker malware was found lurking in the Color Message app, ready to fleece unsuspecting users with premium SMS charges. [...]
The discovery, which affects services running as localhost that aren't exposed to any network or the internet, vastly widens the scope of attack possibilities. [...]
"Owowa" stealthily lurks on IIS servers, waiting to harvest successful logins when an Outlook Web Access (OWA) authentication request is made. [...]
December's Patch Tuesday updates address six publicly known bugs and seven critical security vulnerabilities. [...]
An exclusive roundtable of security researchers discuss the specific implications of CVE-2021-44228 for smaller businesses, including what's vulnerable, what an attack looks like and to how to remediate. [...]
Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing, just in time to hamstring end-of-year HR activities like bonuses and vacation tracking. [...]
The Python code repository was infiltrated by malware bent on data exfiltration from developer apps and more. [...]
Cyberattackers are targeting security vulnerabilities in four plugins plus Epsilon themes, to assign themselves administrative accounts. [...]
E-commerce's proverbial Who-ville is under siege, with a rise in bots bent on ruining gift cards and snapping up coveted gifts for outrageously priced resale. [...]
The lurking code-bombs lift Discord tokens from users of any applications that pulled the packages into their code bases. [...]
Unauthenticated, remote attackers can achieve root-level RCE on SMA 100-series appliances. [...]
The malware's unique blockchain-enabled backup C2 scheme makes it difficult to eliminate completely. [...]
The gang is using a variety of tools and malware to carry out attacks in volume on critical sectors, the FBI warned. [...]
The culprit is misconfigured Kafdrop interfaces, used for centralized management of the open-source platform. [...]
We want to know what your biggest cloud security concerns and challenges are, and how your company is dealing with them. Weigh in with our exclusive poll! [...]
Cyberattackers made off with addresses, insurance information, dates of birth, and most worryingly, clinical information, such as diagnosis, procedures, and/or prescription information. [...]
Cyberattackers had unfettered access to the technology giant's file server for four months. [...]
The North Korea-linked group is deploying the Chinotto spyware backdoor against dissidents, journalists and other politically relevant individuals in South Korea. [...]
A temporary fix has been issued for CVE-2021-24084, which can be exploited using the LPE exploitation approach for the HiveNightmare/SeriousSAM bug. [...]