Sergiu Gatlan
Author Bio
Sergiu is a news reporter who has covered the latest cybersecurity and technology developments for over a decade. Email or Twitter DMs for tips.
-
Google: Spyware vendors behind 50% of zero-days exploited in 2023
Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.
- March 27, 2024
- 09:00 AM
-
1
-
Windows 11 KB5035942 update enables Moment 5 features for everyone
Microsoft has released the March 2024 non-security KB5035942 preview update for Windows 11 23H2, which enables Moment 5 features by default and fixes 18 known issues.
- March 26, 2024
- 06:28 PM
-
0
-
Finland confirms APT31 hackers behind 2021 parliament breach
The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State Security (MSS) was behind a breach of the country's parliament disclosed in March 2021.
- March 26, 2024
- 05:23 PM
-
0
-
Germany warns of 17K vulnerable Microsoft Exchange servers exposed online
The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed online and vulnerable to one or more critical security vulnerabilities.
- March 26, 2024
- 03:21 PM
-
4
-
Panera Bread experiencing nationwide IT outage since Saturday
Since Saturday, U.S. food chain giant Panera Bread has been experiencing a nationwide outage that has impacted its IT systems, including online ordering, POS systems, phones, and various internal systems.
- March 25, 2024
- 07:18 PM
-
0
-
US sanctions crypto exchanges used by Russian darknet market, banks
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) has sanctioned three cryptocurrency exchanges for working with OFAC-designated Russian dark web markets and banks.
- March 25, 2024
- 05:20 PM
-
0
-
CISA urges software devs to weed out SQL injection vulnerabilities
CISA and the FBI urged executives of technology manufacturing companies to prompt formal reviews of their organizations' software and implement mitigations to eliminate SQL injection (SQLi) security vulnerabilities before shipping.
- March 25, 2024
- 02:26 PM
-
1
-
US sanctions APT31 hackers behind critical infrastructure attacks
The U.S. Treasury Department has sanctioned a Wuhan-based company used by the Chinese Ministry of State Security (MSS) as cover in attacks against U.S. critical infrastructure organizations.
- March 25, 2024
- 12:06 PM
-
1
-
Microsoft releases emergency fix for Windows Server crashes
Microsoft has released emergency out-of-band (OOB) updates to fix a known issue causing Windows domain controllers to crash after installing the March 2024 Windows Server security updates.
- March 22, 2024
- 06:12 PM
-
7
-
Mozilla fixes two Firefox zero-day bugs exploited at Pwn2Own
Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition.
- March 22, 2024
- 01:45 PM
-
3
-
Hackers earn $1,132,500 for 29 zero-days at Pwn2Own Vancouver
Pwn2Own Vancouver 2024 has ended with security researchers collecting $1,132,500 after demoing 29 zero-days (and some bug collisions).
- March 22, 2024
- 01:13 AM
-
0
-
KDE advises extreme caution after theme wipes Linux user's files
On Wednesday, the KDE team warned Linux users to exercise "extreme caution" when installing global themes, even from the official KDE Store, because these themes run arbitrary code on devices to customize the desktop's appearance.
- March 21, 2024
- 03:05 PM
-
10
-
Exploit released for Fortinet RCE bug used in attacks, patch now
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks.
- March 21, 2024
- 11:17 AM
-
0
-
Microsoft confirms Windows Server issue behind domain controller crashes
Microsoft confirmed that a memory leak introduced with the March 2024 Windows Server security updates is behind a widespread issue causing Windows domain controllers to crash.
- March 21, 2024
- 08:27 AM
-
1
-
Windows 11, Tesla, and Ubuntu Linux hacked at Pwn2Own Vancouver
On the first day of Pwn2Own Vancouver 2024, contestants demoed 19 zero-day vulnerabilities in Windows 11, Tesla, Ubuntu Linux and other devices and software to win $732,500 and a Tesla Model 3 car.
- March 21, 2024
- 03:07 AM
-
2
