TikTok Ban Raises Data Security, Control Questions
Congress voted in favor of banning the popular social media app TikTok on Wednesday, following its passage last week by the House Energy Committee. The bill requires any company controlled by a “foreign adversary” to be divested within 180 days. Pressure against the app, owned by Chinese parent company ByteDance, has been mounting for years. […]
Admin of major stolen account marketplace gets 42 months in prison
Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide. According to court documents, after the federal prison term ends, Diaconu (aka ‘utmsandu,’ ‘sandushell,’ ‘rootarhive,’ and ‘WinD3str0y’) will also be under supervised release for another 3 years. The sentence […]
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software
Mar 14, 2024 | The Hacker News | Vulnerability / Network Security. Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. “An improper neutralization of special elements used in an SQL Command (‘SQL Injection’) vulnerability [CWE-89] in FortiClientEMS may allow an unauthenticated attacker to execute […]
Alabama Under DDoS Cyberattack by Russian-Backed Hacktivists
Alabama has been grappling with network disruptions, following cyber incidents targeting both state and city governments, and days later, they still appear to be struggling to recover. Alabama’s governor, Kay Ivey, confirmed that a cyberattack on state systems began March 12, but added that neither networks nor system data were compromised, according to reports. Similarly, […]
Microsoft announces Office LTSC 2024 preview starting next month
Microsoft announced that Office LTSC 2024, the next Office LTSC release, will enter a commercial preview phase starting next month and will be generally available later this year. The company will also release Office 2024 later this year, a new version of on-premises Office for consumers, which comes with five years of support and the […]
Ande Loader Malware Targets Manufacturing Sector in North America
Mar 14, 2024 | Newsroom | Cyber Threat / Malware. The threat actor known as Blind Eagle has been observed using a loader malware called Ande Loader to deliver remote access trojans (RATs) like Remcos RAT and NjRAT. The attacks, which take the form of phishing emails, targeted Spanish-speaking users in the manufacturing industry based in North America, eSentire […]
Fortinet Warns of Yet Another Critical RCE Flaw
Fortinet has patched a critical remote code execution (RCE) vulnerability in its FortiClient Enterprise Management Server (EMS) for managing endpoint devices. The flaw, identified as CVE-2024-48788, stems from an SQL injection error in a direct-attached storage component of the server. It gives unauthenticated attackers a way to execute arbitrary code and commands with system admin […]