Cybersecurity researchers have discovered a new phishing campaign that’s being used to distribute malware called Horabot targeting Windows users in Latin American countries like Mexico, Guatemala, Colombia, Peru, Chile, and Argentina. The campaign is “using crafted emails that impersonate invoices or financial documents to trick victims into opening malicious attachments and can steal email
Author Archives: eturner@hitechlives.com
Microsoft on Tuesday shipped fixes to address a total of 78 security flaws across its software lineup, including a set of five zero-days that have come under active exploitation in the wild. Of the 78 flaws resolved by the tech giant, 11 are rated Critical, 66 are rated Important, and one is rated Low in […]
Fortinet has patched a critical security flaw that it said has been exploited as a zero-day in attacks targeting FortiVoice enterprise phone systems. The vulnerability, tracked as CVE-2025-32756, carries a CVSS score of 9.6 out of 10.0. “A stack-based overflow vulnerability [CWE-121] in FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera may allow a remote unauthenticated attacker […]
Ivanti has released security updates to address two security flaws in Endpoint Manager Mobile (EPMM) software that have been chained in attacks to gain remote code execution. The vulnerabilities in question are listed below – CVE-2025-4427 (CVSS score: 5.3) – An authentication bypass in Ivanti Endpoint Manager Mobile allowing attackers to access protected resources without […]
Originally published by Axway. Written by Chris Payne, Principal Product & Solutions Marketing Manager for Axway MFT. There’s an old IT saying that nobody notices MFT until something goes wrong. MFT hums along in the background at many enterprises, running on autopilot, out of sight and out of mind. No need to modernize, update or […]
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. […]
The state-backed North Korean threat group Konni (Opal Sleet, TA406) was observed targeting Ukrainian government entities in intelligence collection operations. […]
Twilio has denied in a statement for BleepingComputer that it was breached after a threat actor claimed to be holding over 89 million Steam user records with one-time access codes. […]
Ivanti warned customers today to patch their Ivanti Endpoint Manager Mobile (EPMM) software against two security vulnerabilities chained in attacks to gain remote code execution. […]
The Public Utilities Commission of Nevada has approved our first-of-its-kind partnership with NV Energy to bring new, clean capacity to Nevada under the Clean Transition…