Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems

Cybersecurity researchers have identified a number of security shortcomings in photovoltaic system management platforms operated by Chinese companies Solarman and Deye that could enable malicious actors to cause disruption and power blackouts. "If exploited, these vulnerabilities could allow an...

Critical Solar Power Grid Vulnerabilities Risk Global Blackouts

Cybersecurity firm Bitdefender reveals critical vulnerabilities in solar power management platforms, putting 20% of global solar production at…...

Bitdefender GravityZone 安全漏洞

Bitdefender GravityZone is a scanning software from Bitdefender Romania. A security vulnerability exists in Bitdefender GravityZone versions prior to 6.38.1-5, which stems from the presence of a detailed error handling issue that allows an attacker to spoof server-side requests...

Mandrake spyware sneaks onto Google Play again, flying under the radar for two years

Introduction In May 2020, Bitdefender released a white paper containing a detailed analysis of Mandrake, a sophisticated Android cyber-espionage platform, which had been active in the wild for at least four years. In April 2024, we discovered a suspicious sample that appeared to be a new version ...

Bitdefender GravityZone Update Server Security Vulnerability

Bitdefender GravityZone Update Server is a solution from Bitdefender Romania for managing and distributing update files on the Bitdefender GravityZone administrator console. A security vulnerability exists in Bitdefender GravityZone Update Server that stems from a problem with the host whitelist...

CVE-2024-31684

Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API...

CVE-2024-31684

Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API...

CVE-2024-31684

Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API...

Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered

By Waqas Cybersecurity researchers at Bitdefender have found a surge in malware and phishing attacks on Discord, noting 50,000 malicious… This is a post from HackRead.com Read the original post: Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered...

Surge in Discord Malware Attacks as 50,000 Malicious Links Uncovered

Cybersecurity researchers at Bitdefender have found a surge in malware and phishing attacks on Discord, noting 50,000 malicious…...

Fake Antivirus Sites Spread Malware Disguised as Avast, Malwarebytes, Bitdefender

By Deeba Ahmed Trellix research exposes the dangers of fake antivirus websites disguised as legitimate security software but harbouring malware. Learn… This is a post from HackRead.com Read the original post: Fake Antivirus Sites Spread Malware Disguised as Avast, Malwarebytes, Bitdefender...

A Catalog of Hazardous AV Sites – A Tale of Malware Hosting

A Catalog of Hazardous AV Sites – A Tale of Malware Hosting By Trellix · May 23, 2024 This blog was written by Gurumoorthi Ramanathan Executive summary In mid-April 2024, Trellix Advanced Research Center team members observed multiple fake AV sites hosting highly sophisticated malicious files suc...

New APT Group “Unfading Sea Haze” Hits Military Targets in South China Sea

By Waqas Unfading Sea Haze's modus operandi spans over five years, with evidence dating back to 2018, reveals Bitdefender Labs' investigation. This is a post from HackRead.com Read the original post: New APT Group "Unfading Sea Haze" Hits Military Targets in South China Sea...

Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries

Cybersecurity researchers have disclosed details of a previously undocumented threat group called Unfading Sea Haze that's believed to have been active since 2018. The intrusion singled out high-level organizations in South China Sea countries, particularly military and government targets,...

CVE-2024-2223

An Incorrect Regular Expression vulnerability in Bitdefender GravityZone Update Server allows an attacker to cause a Server Side Request Forgery and reconfigure the relay. This issue affects the following products that include the vulnerable component: Bitdefender Endpoint Security for Linux...

CVE-2024-2224

Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable component...

Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access

Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices. The findings come from Romanian cybersecurity firm Bitdefender, which discovered and reported the flaws in Novemb...

CVE-2024-2224

CVE-2024-2224 affects Bitdefender GravityZone UpdateServer and related products: Linux endpoint 7.0.5.200089, Windows endpoint 7.9.9.380, GravityZone Control Center On Premises 6.36.1. The issue is an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) in the UpdateServer...

CVE-2024-2224 Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-11466)

Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable component...

CVE-2024-2224 Privilege Escalation via the GravityZone productManager UpdateServer.KitsManager API (VA-11466)

Improper Limitation of a Pathname to a Restricted Directory ‘Path Traversal’ vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects the following products that include the vulnerable component...