Unpatched Active Directory Flaw Can Crash Any Microsoft Server
Windows servers are vulnerable to a dangerous LDAP vulnerability that could be used to crash multiple servers at once and should be patched immediately.
-
-
UN General Assembly Adopts Cybercrime Treaty
Post Content
-
-
US Soldier Arrested in Verizon, AT&T Hacks
Wagenius posted about hacking more than 15 telecom providers on the Telegram messaging service.
-
Volkswagen Breach Exposes Data of 800K EV Customers
Ethical hacking group Chaos Computer Club uncovered exposed data of electrical vehicle owners across the company’s VW, Audi, Seat, and Skoda brands.
-
‘Bad Likert Judge’ Jailbreak Bypasses Guardrails of OpenAI, Other Top LLMs
A novel technique to stump artificial intelligence (AI) text-based systems increases the likelihood of a successful cyberattack by 60%.
-
Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API
Details have emerged about three now-patched security vulnerabilities in Dynamics 365 and Power Apps Web API that could result in data exposure. The flaws, discovered by Melbourne-based cybersecurity company Stratus Security, have been addressed as of May 2024. Two of the three shortcomings reside in Power Platform’s OData Web API Filter, while the third vulnerability…
-
Cross-Domain Attacks: A Growing Threat to Modern Security and How to Combat Them
In the past year, cross-domain attacks have gained prominence as an emerging tactic among adversaries. These operations exploit weak points across multiple domains – including endpoints, identity systems and cloud environments – so the adversary can infiltrate organizations, move laterally and evade detection. eCrime groups like SCATTERED SPIDER and North Korea-nexus adversaries such as FAMOUS
-
Malicious Obfuscated NPM Package Disguised as an Ethereum Tool Deploys Quasar RAT
Cybersecurity researchers have discovered a malicious package on the npm package registry that masquerades as a library for detecting vulnerabilities in Ethereum smart contracts but, in reality, drops an open-source remote access trojan called Quasar RAT onto developer systems. The heavily obfuscated package, named ethereumvulncontracthandler, was published to npm on December 18, 2024, by a…
-
Three Russian-German Nationals Charged with Espionage for Russian Secret Service
German prosecutors have charged three Russian-German nationals for acting as secret service agents for Russia. The individuals, named Dieter S., Alexander J., and Alex D., have been accused of working for a foreign secret service. Dieter S. is also alleged to have participated in sabotage operations as well as taking pictures of military installations with…