The Nigerian police have arrested three individuals linked to targeted Microsoft 365 cyberattacks via Raccoon0365 phishing-as-a-service.
BleepingComputer
Nigeria arrests dev of Microsoft 365 'Raccoon0365' phishing platform
The Nigerian police have arrested three individuals linked to targeted Microsoft 365 cyberattacks via Raccoon0365 phishing-as-a-service.
Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage theΒ OAuth device code authorization mechanism.
BleepingComputer
Microsoft 365 accounts targeted in wave of OAuth phishing attacks
Multiple threat actors are compromising Microsoft 365 accounts in phishing attacks that leverage the OAuth device code authorization mechanism.
TheΒ UEFI firmware implementation in some motherboards from ASUS, Gigabyte, MSI, and ASRock is vulnerable to direct memory access (DMA) attacks that can bypass early-boot memory protections.
BleepingComputer
New UEFI flaw enables pre-boot attacks on motherboards from Gigabyte, MSI, ASUS, ASRock
The UEFI firmware implementation in some motherboards from ASUS, Gigabyte, MSI, and ASRock is vulnerable to direct memory access (DMA) attacks that...
Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks targeting a critical authentication bypass vulnerability.
BleepingComputer
Over 25,000 FortiCloud SSO devices exposed to remote attacks
Internet security watchdog Shadowserver has found over 25,000 Fortinet devices exposed online with FortiCloud SSO enabled, amid ongoing attacks tar...
Danish intelligence officials blamed Russia for orchestrating cyberattacks against Denmark's critical infrastructure, as part of Moscow's hybrid attacks against Western nations.
BleepingComputer
Denmark blames Russia for destructive cyberattack on water utility
Danish intelligence officials blamed Russia for orchestrating cyberattacks against Denmark's critical infrastructure, as part of Moscow's...
WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its Firebox firewalls.
BleepingComputer
New critical WatchGuard Firebox firewall flaw exploited in attacks
WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its Firebox firewalls.
Grocery delivery service Instacart will refund $60 million to settle FTC claims that it misled customers with false advertising and unlawfully enrolled them in paid subscriptions.
BleepingComputer
FTC: Instacart to refund $60M over deceptive subscription tactics
Grocery delivery service Instacart will refund $60 million to settle FTC claims that it misled customers with false advertising and unlawfully enro...
This month's extended security update for Windows 11 broke Message Queuing (MSMQ), which is typically used by enterprises to manage background tasks.
BleepingComputer
Windows 10 OOB update released to fix Message Queuing (MSMQ) issues
This month's extended security update for Windows 11 broke Message Queuing (MSMQ), which is typically used by enterprises to manage background...
Hackers gained access to an online coding repository belonging to the University of Sydney and stole files with personal information of staff and students.
BleepingComputer
University of Sydney suffers data breach exposing student and staff info
Hackers gained access to an online coding repository belonging to the University of Sydney and stole files with personal information of staff and s...
The Clop ransomware gang is targeting Internet-exposed Gladinet CentreStack file servers in a new data theft extortion campaign.
BleepingComputer
Clop ransomware targets Gladinet CentreStack in data theft attacks
The Clop ransomware gang is targeting Internet-exposed Gladinet CentreStack file servers in a new data theft extortion campaign.