Latest Warning news

CISA warns of Windows bug exploited in ransomware attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Windows vulnerability abused in ransomware attacks as a zero-day to its catalog of actively exploited security bugs.
- Sergiu Gatlan
- June 14, 2024
- 12:39 PM
- 0
CISA warns of criminals impersonating its employees in phone calls

Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money.
- Sergiu Gatlan
- June 12, 2024
- 01:58 PM
- 0
FBI warns of fake remote work ads used for cryptocurrency fraud

Today, the FBI issued a warning about scammers using fake remote job ads to steal cryptocurrency from job seekers across the United States while posing as recruiters for legitimate companies.
- Sergiu Gatlan
- June 04, 2024
- 04:33 PM
- 1
Hackers target Check Point VPNs to breach enterprise networks

Threat actors are targeting Check Point Remote Access VPN devices in an ongoing campaign to breach enterprise networks, the company warned in a Monday advisory.
- Sergiu Gatlan
- May 27, 2024
- 02:19 PM
- 0
Rockwell Automation warns admins to take ICS devices offline

Rockwell Automation warned customers to disconnect all industrial control systems (ICSs) not designed for online exposure from the Internet due to increasing malicious activity worldwide.
- Sergiu Gatlan
- May 21, 2024
- 01:48 PM
- 2
FBI warns of gift card fraud ring targeting retail companies

The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024.
- Sergiu Gatlan
- May 08, 2024
- 01:25 PM
- 0
CISA urges software devs to weed out path traversal vulnerabilities

CISA and the FBI urged software companies today to review their products and eliminate path traversal security vulnerabilities before shipping.
- Sergiu Gatlan
- May 02, 2024
- 03:38 PM
- 0
FBI warns against using unlicensed crypto transfer services

The FBI has warned today that using unlicensed cryptocurrency transfer services can result in financial loss if these platforms are taken down by law enforcement.
- Sergiu Gatlan
- April 25, 2024
- 05:16 PM
- 4
Over 1,400 CrushFTP servers vulnerable to actively exploited bug

Over 1,400 CrushFTP servers exposed online were found vulnerable to attacks currently targeting a critical severity server-side template injection (SSTI) vulnerability previously exploited as a zero-day.
- Sergiu Gatlan
- April 25, 2024
- 12:40 PM
- 0
Microsoft pulls fix for Outlook bug behind ICS security alerts

Microsoft reversed the fix for an Outlook bug causing erroneous security warnings after installing December 2023 security updates
- Sergiu Gatlan
- April 23, 2024
- 05:50 PM
- 0
FBI warns of massive wave of road toll SMS phishing attacks

On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing attacks targeting Americans with lures regarding unpaid road toll fees.
- Sergiu Gatlan
- April 12, 2024
- 02:56 PM
- 1
US Health Dept warns hospitals of hackers targeting IT help desks

The U.S. Department of Health and Human Services (HHS) warns that hackers are now using social engineering tactics to target IT help desks across the Healthcare and Public Health (HPH) sector.
- Sergiu Gatlan
- April 06, 2024
- 11:09 AM
- 0
Red Hat warns of backdoor in XZ tools used by most Linux distros

Today, Red Hat warned users to immediately stop using systems running Fedora development and experimental versions because of a backdoor found in the latest XZ Utils data compression tools and libraries.
- Sergiu Gatlan
- March 29, 2024
- 01:50 PM
- 2
Germany warns of 17K vulnerable Microsoft Exchange servers exposed online

The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed online and vulnerable to one or more critical security vulnerabilities.
- Sergiu Gatlan
- March 26, 2024
- 03:21 PM
- 4
CISA urges software devs to weed out SQL injection vulnerabilities

CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations' software and implement mitigations to eliminate SQL injection (SQLi) security vulnerabilities before shipping.
- Sergiu Gatlan
- March 25, 2024
- 02:26 PM
- 1
KDE advises extreme caution after theme wipes Linux user's files

On Wednesday, the KDE team warned Linux users to exercise "extreme caution" when installing global themes, even from the official KDE Store, because these themes run arbitrary code on devices to customize the desktop's appearance.
- Sergiu Gatlan
- March 21, 2024
- 03:05 PM
- 10
FTC warns scammers are impersonating its employees to steal money

The U.S. Federal Trade Commission (FTC) warned today that scammers are impersonating its employees to steal thousands of dollars from Americans.
- Sergiu Gatlan
- March 19, 2024
- 03:19 PM
- 0
CISA cautions against using hacked Ivanti VPN gateways even after factory resets

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets.
- Sergiu Gatlan
- February 29, 2024
- 03:35 PM
- 1
FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks

Today, the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks.
- Sergiu Gatlan
- February 27, 2024
- 05:26 PM
- 0
VMware urges admins to remove deprecated, vulnerable auth plug-in

VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched.
- Sergiu Gatlan
- February 20, 2024
- 04:00 PM
- 0