The Hacker News6h
GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack
New cryptojacking campaign REF4578 discovered. Hackers use vulnerable drivers to disable security solutions and install XMRig ...
The Hacker News10h
Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings
Zoom's post-quantum E2EE uses Kyber-768, which aims at security roughly equivalent to AES-192. Kyber was chosen by the U.S.
The Hacker News8h
QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances
All the shortcomings, that require a valid account on NAS devices, have been addressed in QTS 5.1.7.2770 build 20240520 and ...
The Hacker News11h
Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass
Veeam has disclosed four vulnerabilities in its Backup Enterprise Manager, including a critical security flaw (CVE-2024-29849 ...
The Hacker News22h
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass
A critical vulnerability (CVE-2024-4985) has been discovered in GitHub Enterprise Server, allowing attackers to bypass ...
The Hacker News15h
MS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks
An unknown threat actor is exploiting known security flaws in Microsoft Exchange Server to deploy a keylogger malware in ...
The Hacker News23h
Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users
A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive ...