Security Archives - Page 26 of 205

Adam Barnett, Bitlocker, Bob Hopkins, CVE-2024-49142, CVE-2025-21186, CVE-2025-21210, CVE-2025-21298, CVE-2025-21311, CVE-2025-21333, CVE-2025-21334, CVE-2025-21335, CVE-2025-21366, CVE-2025-21395, Kev Breen, Krebs, Latest Warnings, Microsoft Access, Microsoft Patch Tuesday January 2025, News, Rapid7, Satnam Narang, Security, The Coming Storm, Time to Patch, unpatched.ai, Windows 11, Windows Hyper-V, Windows NTLMv1

Microsoft: Happy 2025. Here’s 161 Security Updates

Posted on January 14, 2025 by [email protected]

14
Jan

Microsoft today unleashed updates to plug a whopping 161 security vulnerabilities in Windows and related software, including three “zero-day” weaknesses that are already under active attack. Redmond’s inaugural Patch Tuesday of 2025 bundles more fixes than the company has shipped in one go since 2017. Rapid7‘s Adam Barnett says January marks the fourth consecutive month […]

Continue reading →

Bleeping Computer, News, Security

WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites

Posted on January 14, 2025 by [email protected]

A new malware campaign has compromised more than 5,000 WordPress sites to create admin accounts, install a malicious plugin, and steal data. […]

Continue reading →

Bleeping Computer, CryptoCurrency, News, Security

US govt says North Korea stole over $659 million in crypto last year

Posted on January 14, 2025 by [email protected]

North Korean state-backed hacking groups have stolen over $659 million worth of cryptocurrency in multiple crypto-heists, according to a joint statement issued by the United States, South Korea, and Japan on Tuesday. […]

Continue reading →

Bleeping Computer, Microsoft, News, Security

Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws

Posted on January 14, 2025 by [email protected]

Today is Microsoft’s January 2025 Patch Tuesday, which includes security updates for 159 flaws, including eight zero-day vulnerabilities, with three actively exploited in attacks. […]

Continue reading →

Bleeping Computer, Google, News, Security

Google OAuth flaw lets attackers gain access to abandoned accounts

Posted on January 14, 2025 by [email protected]

A weakness in Google’s OAuth “Sign in with Google” feature could enable attackers that register domains of defunct startups to access sensitive data of former employee accounts linked to various software-as-a-service (SaaS) platforms. […]

Continue reading →

Bleeping Computer, News, Security

FBI wipes Chinese PlugX malware from over 4,000 US computers

Posted on January 14, 2025 by [email protected]

The U.S. Department of Justice announced today that the FBI has deleted Chinese PlugX malware from over 4,200 computers in networks across the United States. […]

Continue reading →

Bleeping Computer, News, Security

Hackers use FastHTTP in new high-speed Microsoft 365 password attacks

Posted on January 14, 2025 by [email protected]

Threat actors are utilizing the FastHTTP Go library to launch high-speed brute-force password attacks targeting Microsoft 365 accounts globally. […]

Continue reading →

Bleeping Computer, News, Security

Fortinet warns of auth bypass zero-day exploited to hijack firewalls

Posted on January 14, 2025 by [email protected]

Attackers are exploiting a new authentication bypass zero-day vulnerability in FortiOS and FortiProxy to hijack Fortinet firewalls and breach enterprise networks. […]

Continue reading →

Bleeping Computer, Healthcare, News, Security

OneBlood confirms personal data stolen in July ransomware attack

Posted on January 13, 2025 by [email protected]

Blood-donation not-for-profit OneBlood confirms that donors’ personal information was stolen in a ransomware attack last summer. […]

Continue reading →

Bleeping Computer, News, Security

CISA orders agencies to patch BeyondTrust bug exploited in attacks

Posted on January 13, 2025 by [email protected]

CISA tagged a vulnerability in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks, ordering agencies to secure their systems within three weeks. […]

Continue reading →

Login