reader comments 3 More than 1.5 million email servers are vulnerable to attacks that can deliver executable attachments to user accounts, security researchers said. The servers run versions of the Exim mail transfer agent that are vulnerable to a critical vulnerability that came to light 10 days ago. Tracked as CVE-2024-39929 and carrying a severity… Read More »
Getty Images reader comments 21 with Thousands of servers running the Exim mail transfer agent are vulnerable to potential attacks that exploit critical vulnerabilities, allowing remote execution of malicious code with little or no user interaction. The vulnerabilities were reported on Wednesday by Zero Day Initiative, but they largely escaped notice until Friday when they… Read More »
reader comments 96 with Millions of US military emails have been misdirected to Mali through a “typo leak” that has exposed highly sensitive information, including diplomatic documents, tax returns, passwords, and the travel details of top officers. Despite repeated warnings over a decade, a steady flow of email traffic continues to the .ML domain, the… Read More »
reader comments 15 with A critical vulnerability patched 10 days ago in widely used email software from IT security company Barracuda Networks has been under active exploitation since October. The vulnerability has been used to install multiple pieces of malware inside large organization networks and steal data, Barracuda said Tuesday. The software bug, tracked as… Read More »
reader comments 13 with Share this story Researchers have uncovered advanced malware that’s turning business-grade routers into attacker-controlled listening posts that can sniff email and steal files in an ongoing campaign hitting North and South America and Europe. Besides passively capturing IMAP, SMTP, and POP email, the malware also backdoors routers with a remote access… Read More »
reader comments 41 with 29 posters participating Share this story When you visit an HTTPS-protected website, your browser doesn’t exchange data with the webserver until it has ensured that the site’s digital certificate is valid. That prevents hackers with the ability to monitor or modify data passing between you and the site from obtaining authentication… Read More »