As part of this month's Patch Tuesday, Microsoft has released security patches for a serious privilege escalation vulnerability which affect all versions of its Windows operating system for enterprises released since 2007.
Intel patched a critical vulnerability that dates back nine years and impacts business desktop PCs that utilize the company's Active Management Technology. According to an Intel security bulletin, the flaw could allow an adversary to elevate privileges on a vulnerable system.
It's a phishing scheme that even multifactor authentication and changing your password won't fix.
Attackers are exploiting a previously undisclosed vulnerability in Microsoft Word, which security researchers say can be used to quietly install different kinds of malware -- even on fully-patched computers.
"Upon successful access to the device, the PDoS bot performed a series of Linux commands that would ultimately lead to corrupted storage, followed by commands to disrupt Internet connectivity, device performance, and the wiping of all files on the device," Radware said.
CyberX has confirmed at least 70 victims successfully targeted by the operation in a range of sectors including critical infrastructure, media, and scientific research. The operation seeks to capture a range of sensitive information including audio recordings of conversations, screen shots, documents and passwords.
There's a crafty new way hackers are trying to get inside your computer: By tricking you into installing a fake "missing font."
A Google researcher has uncovered what may be the most worrying web leak of 2017 so far, possibly exposing passwords, private messages and other sensitive data from a vast number of sites, including major services like Uber, FitBit and OKCupid.