admin

  • Blog
    digitpatrox6 hours ago
    7

    Landmark Admin data breach impact now reaches 1.6 million people

    Landmark Admin has issued an update to its investigation of a cyberattack it suffered in May 2024, increasing the number of impacted individuals to 1.6 million. Landmark is a Texas-based third-party administrator (TPA) handling policy accounting, regulatory reporting, reinsurance support, and IT systems for major insurers nationwide like Liberty Bankers Life and American Benefit Life. In October 2024, the company…

    Read More »
  • Blog
    digitpatrox6 days ago
    29

    Critical FortiSwitch flaw lets hackers change admin passwords remotely

    Fortinet has released security patches for a critical vulnerability in its FortiSwitch devices that can be exploited to change administrator passwords remotely. The company says Daniel Rozeboom of the FortiSwitch web UI development team discovered the vulnerability (CVE-2024-48887) internally. Unauthenticated attackers can exploit this unverified FortiSwitch GUI password change security flaw (rated with a 9.8/10 severity score) in low-complexity attacks…

    Read More »
  • Blog
    digitpatroxMarch 13, 2025
    46

    Garantex crypto exchange admin arrested while on vacation

    Indian authorities arrested Aleksej Besciokov, the co-founder and one of the administrators of the Russian Garantex crypto-exchange while vacationing with his family in Varkala, India. As infosec journalist Brian Krebs first reported on Tuesday, the 46-year-old Lithuanian national and Russian resident was apprehended on Tuesday afternoon by Kerala state police officers under the country’s extradition law. Besciokov (aka “proforg” and…

    Read More »
  • Blog
    digitpatroxFebruary 13, 2025
    61

    DPRK hackers dupe targets into typing PowerShell commands as admin

    North Korean state actor ‘Kimsuky’ (aka ‘Emerald Sleet’ or ‘Velvet Chollima’) has been observed using a new tactic inspired from the now widespread ClickFix campaigns. ClickFix is a social engineering tactic that has gained traction in the cybercrime community, especially for distributing infostealer malware. It involves deceptive error messages or prompts that direct victims to execute malicious code themselves, often…

    Read More »
  • Blog
    digitpatroxJanuary 29, 2025
    85

    Laravel admin package Voyager vulnerable to one-click RCE flaw

    Three vulnerabilities discovered in the open-source PHP package Voyager for managing Laravel applications could be used for remote code execution attacks. The issues remain unfixed and can be exploited against an authenticated Voyager user that clicks on a malicious link. Vulnerability researchers at SonarSource, a code quality and security company, say that they tried to report the flaws to the Voyager maintainers…

    Read More »
  • Blog
    digitpatroxJanuary 25, 2025
    76

    Hackers use Windows RID hijacking to create hidden admin account

    A North Korean threat group has been using a technique called RID hijacking that tricks Windows into treating a low-privileged account as one with administrator permissions. The hackers used a custom malicious file and an open source tool for the hijacking attack. Both utilities can perform the attack but researchers at South Korean cybersecurity company AhnLab say that there are differences. How RID…

    Read More »
  • Blog
    digitpatroxJanuary 17, 2025
    83

    Microsoft expands testing of Windows 11 admin protection feature

    Microsoft has expanded its Windows 11 administrator protection tests, allowing Insiders to enable the security feature from the Windows Security settings. First introduced in October in a preview build for Windows 11 Insiders in the Canary Channel, admin protection uses a hidden, just-in-time elevation mechanism and Windows Hello authentication prompts that only unlock admin rights when needed to block access…

    Read More »
  • Blog
    digitpatroxJanuary 14, 2025
    95

    Stolen Path of Exile 2 admin account used to hack player accounts

    Path of Exile 2 developers confirmed that a hacked admin account allowed a threat actor to change the password and access at least 66 accounts, finally explaining how PoE 2 accounts have been breached since November. The breached admin account allowed the threat actors to change the passwords of other accounts, with many losing their in-game purchases, including valuable items…

    Read More »
  • Blog
    digitpatroxDecember 10, 2024
    119

    Microsoft 365 outage takes down Office web apps, admin center

    Microsoft is investigating a widespread and ongoing Microsoft 365 outage impacting Office web apps and the Microsoft 365 admin center. Since this incident started hours ago, Downdetector has received user reports complaining about problems connecting to Outlook, OneDrive, and other Office 365 apps and services. Affected customers see “We’re experiencing a service outage. All of your open files have been…

    Read More »
  • Blog
    digitpatroxNovember 18, 2024
    119

    Microsoft 365 Admin portal abused to send sextortion emails

    The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the messages appear trustworthy and bypassing email security platforms. Sextortion emails are scams claiming that your computer or mobile device was hacked to steal images or videos of you performing sexual acts. The scammers then demand from you a payment of $500 to $5,000 to prevent them…

    Read More »
Load More
Back to top button
close