Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware

A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. "The attacker intends to utilize a victim's resources as much as possible, not only to install RAR1Ransom for extortion, but also...

CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a recently disclosed security flaw in the UnRAR utility to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. Tracked as CVE-2022-30333 CVSS score: 7.5, the issue concerns a path...

New Bluetooth Flaws Let Attackers Impersonate Legitimate Devices

Adversaries could exploit newly discovered security weaknesses in Bluetooth Core and Mesh Profile Specifications to masquerade as legitimate devices and carry out man-in-the-middle MitM attacks. "Devices supporting the Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks...

Amnesia:33 — Critical TCP/IP Flaws Affect Millions of IoT Devices

Cybersecurity researchers disclosed a dozen new flaws in multiple widely-used embedded TCP/IP stacks impacting millions of devices ranging from networking equipment and medical devices to industrial control systems that could be exploited by an attacker to take control of a vulnerable system...

Critical PPP Daemon Flaw Opens Most Linux Systems to Remote Hackers

The US-CERT today issued advisory warning users of a new dangerous 17-year-old remote code execution vulnerability affecting the PPP daemon pppd software that comes installed on almost all Linux based operating systems, as well as powers the firmware of many other networking devices. The affected...

Tor Browser Zero-Day Exploit Revealed Online – Patch Now

Zerodium, the infamous exploit vendor that earlier this year offered $1 million for submitting a zero-day exploit for Tor Browser, today publicly revealed a critical zero-day flaw in the anonymous browsing software that could reveal your identity to the sites you visit. In a Tweet, Zerodium share...

F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability

Cybersecurity researchers on Wednesday disclosed a new bypass vulnerability CVE-2021-23008 in the Kerberos Key Distribution Center KDC security feature impacting F5 Big-IP application delivery services. "The KDC Spoofing vulnerability allows an attacker to bypass the Kerberos authentication to...

New Spectre (Variant 4) CPU Flaw Discovered—Intel, ARM, AMD Affected

Security researchers from Microsoft and Google have discovered a fourth variant of the data-leaking Meltdown-Spectre security flaws impacting modern CPUs in millions of computers, including those marketed by Apple. Variant 4 comes weeks after German computer magazine Heise reported about a set of...

Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

Networking equipment maker Zyxel has released patches for a critical security flaw in its firewall devices that could be exploited to achieve remote code execution on affected systems. The issue, tracked as CVE-2023-28771, is rated 9.8 on the CVSS scoring system. Researchers from TRAPA Security...

Microsoft Warns of New Unpatched Windows Print Spooler Vulnerability

Microsoft on Thursday shared fresh guidance on yet another vulnerability affecting the Windows Print Spooler service, stating that it's working to address it in an upcoming security update. Tracked as CVE-2021-34481 CVSS score: 7.8, the issue concerns a local privilege escalation flaw that could ...

Hackers Stole Customers' Credit Cards from 103 Checkers and Rally's Restaurants

If you have swiped your payment card at the popular Checkers and Rally's drive-through restaurant chains in past 2-3 years, you should immediately request your bank to block your card and notify it if you notice any suspicious transaction. Checkers, one of the largest drive-through restaurant...

Immediately Patch Windows 0-Day Flaw That's Being Used to Spread Spyware

Get ready to install a fairly large batch of security patches onto your Windows computers. As part of its September Patch Tuesday, Microsoft has released a large batch of security updates to patch a total of 81 CVE-listed vulnerabilities, on all supported versions of Windows and other MS products...

CopyCat Android Rooting Malware Infected 14 Million Devices

A newly uncovered malware strain has already infected more than 14 Million Android devices around the world, earning its operators approximately $1.5 Million in fake ad revenues in just two months. Dubbed CopyCat, the malware has capabilities to root infected devices, establish persistency, and...

Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns

Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems. Tracked as CVE-2021-26084 CVSS score:...

Critical RCE Flaw Reported in MyBB Forum Software—Patch Your Sites

A pair of critical vulnerabilities in a popular bulletin board software called MyBB could have been chained together to achieve remote code execution RCE without the need for prior access to a privileged account. The flaws, which were discovered by independent security researchers Simon Scannell...

Microsoft Reveals New Innocent Ways Windows Users Can Get Hacked

Microsoft earlier today released its August 2020 batch of software security updates for all supported versions of its Windows operating systems and other products. This month's Patch Tuesday updates address a total of 120 newly discovered software vulnerabilities, of which 17 are critical, and th...

Industrial VPN Flaws Could Let Attackers Target Critical Infrastructures

Cybersecurity researchers have discovered critical vulnerabilities in industrial VPN implementations primarily used to provide remote access to operational technology OT networks that could allow hackers to overwrite data, execute malicious code, and compromise industrial control systems ICS. A n...

DDoS Attacker Who Ruined Gamers' Christmas Gets 27 Months in Prison

A 23-year-old hacker from Utah who launched a series of DDoS attacks against multiple online services, websites, and online gaming companies between December 2013 and January 2014 has been sentenced to 27 months in prison. Austin Thompson, a.k.a. "DerpTroll," pledged guilty back in November 2018...

Android July 2019 Security Update Patches 33 New Vulnerabilities

Google has started rolling out this month's security updates for its mobile operating system platform to address a total of 33 new security vulnerabilities affecting Android devices, 9 of which have been rated critical in severity. The vulnerabilities affect various Android components, including...

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Google has rolled out security updates to fix seven security issues in its Chrome browser, including a zero-day that has come under active exploitation in the wild. Tracked as CVE-2023-6345, the high-severity vulnerability has been described as an integer overflow bug in Skia, an open source 2D...

Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks

Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks. The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078,...

23 Android Apps Expose Over 100,000,000 Users' Personal Data

Misconfigurations in multiple Android apps leaked sensitive data of more than 100 million users, potentially making them a lucrative target for malicious actors. "By not following best-practices when configuring and integrating third-party cloud-services into applications, millions of users'...

Android Issues Patches for 4 New Zero-Day Bugs Exploited in the Wild

Google on Wednesday updated its May 2021 Android Security Bulletin to disclose that four of the security vulnerabilities that were patched earlier this month by Arm and Qualcomm may have been exploited in the wild as zero-days. "There are indications that CVE-2021-1905, CVE-2021-1906,...

A Twitter Bug Left Android Users' Private Tweets Exposed For 4 Years

Twitter just admitted that the social network accidentally revealed some Android users' protected tweets to the public for more than 4 years — a kind of privacy blunder that you'd typically expect from Facebook. When you sign up for Twitter, all your Tweets are public by default, allowing anyone ...

Russian Sandworm Hackers Impersonate Ukrainian Telecoms to Distribute Malware

A threat cluster linked to the Russian nation-state actor tracked as Sandworm has continued its targeting of Ukraine with commodity malware by masquerading as telecom providers, new findings show. Recorded Future said it discovered new infrastructure belonging to UAC-0113 that mimics operators li...

CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added the recently disclosed remote code execution RCE vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on "evidence of active exploitation." The critical severity flaw,...

New Capoae Malware Infiltrates WordPress Sites and Installs Backdoored Plugin

A recently discovered wave of malware attacks has been spotted using a variety of tactics to enslave susceptible machines with easy-to-guess administrative credentials to co-opt them into a network with the goal of illegally mining cryptocurrency. "The malware's primary tactic is to spread by...

Foreshadow Attacks — 3 New Intel CPU Side-Channel Flaws Discovered

2018 has been quite a tough year for Intel. While the chip-maker giant is still dealing with Meltdown and Spectre processor vulnerabilities, yet another major speculative execution flaw has been revealed in Intel's Core and Xeon lines of processors that may leave users vulnerable to cyber-attacks...

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!

Google on Monday released security updates to patch a high-severity flaw in its Chrome web browser that it said is being actively exploited in the wild. Tracked as CVE-2023-3079, the vulnerability has been described as a type confusion bug in the V8 JavaScript engine. Clement Lecigne of Google's...

Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency

Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an unnamed federal entity in the U.S. The disclosure comes from a joint advisory issued by the Cybersecurity and Infrastructure Security Agency CISA, Federal...

Kaseya Rules Out Supply-Chain Attack; Says VSA 0-Day Hit Its Customers Directly

U.S. technology firm Kaseya, which is firefighting the largest ever supply-chain ransomware strike on its VSA on-premises product, ruled out the possibility that its codebase was unauthorizedly tampered with to distribute malware. While initial reports raised speculations that REvil, the ransomwa...

ALERT — New 21Nails Exim Bugs Expose Millions of Email Servers to Hacking

The maintainers of Exim have released patches to remediate as many as 21 security vulnerabilities in its software that could enable unauthenticated attackers to achieve complete remote code execution and gain root privileges. Collectively named '21Nails,' the flaws include 11 vulnerabilities that...

SAD DNS — New Flaws Re-Enable DNS Cache Poisoning Attacks

A group of academics from the University of California and Tsinghua University has uncovered a series of critical security flaws that could lead to a revival of DNS cache poisoning attacks. Dubbed "SAD DNS attack" short for Side-channel AttackeD DNS, the technique makes it possible for a maliciou...

Unsecured Adobe Server Exposes Data for 7.5 Million Creative Cloud Users

The U.S. multinational computer software company Adobe has suffered a serious security breach earlier this month that exposed user records' database belonging to the company's popular Creative Cloud service. With an estimated 15 million subscribers, Adobe Creative Cloud or Adobe CC is a...

Beware!! New Windows .exe Malware Found Targeting macOS Computers

A malicious Windows EXE file can even infect your Mac computer as well. Yes, you heard me right — a .exe malware on macOS. Security researchers at antivirus firm Trend Micro have discovered a novel way hackers are using in the wild to bypass Apple's macOS security protection and infect Mac...

Biggest-Ever DDoS Attack (1.35 Tbs) Hits Github Website

On Wednesday, February 28, 2018, GitHub's code hosting website hit with the largest-ever distributed denial of service DDoS attack that peaked at record 1.35 Tbps. Interestingly, attackers did not use any botnet network, instead weaponized misconfigured Memcached servers to amplify the DDoS attac...

CVE-2025-24054 Under Active Attack—Steals NTLM Credentials on File Download

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a medium-severity security flaw impacting Microsoft Windows to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. The vulnerability, assigned the CVE identifier...

'Lone Wolf' Hacker Group Targeting Afghanistan and India with Commodity RATs

A new malware campaign targeting Afghanistan and India is exploiting a now-patched, 20-year-old flaw affecting Microsoft Office to deploy an array of commodity remote access trojans RATs that allow the adversary to gain complete control over the compromised endpoints. Cisco Talos attributed the...

Hackers Spread BIOPASS Malware via Chinese Online Gambling Sites

Cybersecurity researchers are warning about a new malware that's striking online gambling companies in China via a watering hole attack to deploy either Cobalt Strike beacons or a previously undocumented Python-based backdoor called BIOPASS RAT that takes advantage of Open Broadcaster Software OB...

TeamViewer Flaw Could Let Hackers Steal System Password Remotely

If you are using TeamViewer, then beware and make sure you're running the latest version of the popular remote desktop connection software for Windows. TeamViewer team recently released a new version of its software that includes a patch for a severe vulnerability CVE 2020-13699, which, if...

Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards

Researchers reported on Monday that hackers are now exploiting Google's Analytics service to stealthily pilfer credit card information from infected e-commerce sites. According to several independent reports from PerimeterX, Kaspersky, and Sansec, threat actors are now injecting data-stealing cod...

GhostCat: New High-Risk Vulnerability Affects Servers Running Apache Tomcat

If your web server is running on Apache Tomcat, you should immediately install the latest available version of the server application to prevent hackers from taking unauthorized control over it. Yes, that's possible because all versions 9.x/8.x/7.x/6.x of the Apache Tomcat released in the past 13...

Almost Half A Million Delhi Citizens' Personal Data Exposed Online

Exclusive — A security researcher has identified an unsecured server that was leaking detailed personal details of nearly half a million Indian citizens... thanks to another MongoDB database instance that company left unprotected on the Internet accessible to anyone without password. In a report...

Patch Tuesday: Microsoft Releases Update to Fix 53 Vulnerabilities

It's Patch Tuesday—time to update your Windows devices. Microsoft has released a large batch of security updates as part of its November Patch Tuesday in order to fix a total of 53 new security vulnerabilities in various Windows products, 19 of which rated as critical, 31 important and 3 moderate...

Microsoft Issues Patches for Another Four Zero-Day Vulnerabilities

As part of this month's Patch Tuesday, Microsoft has released security patches for a total of 55 vulnerabilities across its products, including fixes for four zero-day vulnerabilities being exploited in the wild. Just yesterday, Microsoft released an emergency out-of-band update separately to pat...

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary,...

Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack

A nascent botnet called Andoryu has been found to exploit a now-patched critical security flaw in the Ruckus Wireless Admin panel to break into vulnerable devices. The flaw, tracked as CVE-2023-25717 CVSS score: 9.8, stems from improper handling of HTTP requests, leading to unauthenticated remote...

New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices

A new exploit has been devised to "unenroll" enterprise- or school-managed Chromebooks from administrative control. Enrolling ChromeOS devices makes it possible to enforce device policies as set by the organization via the Google Admin console, including the features that are available to users...

Comodo Forums Hack Exposes 245,000 Users' Data — Recent vBulletin 0-day Used

If you have an account with the Comodo discussion board and support forums, also known as ITarian Forum, you should change your password immediately. Cybersecurity company Comodo has become one of the major victims of a recently disclosed vBulletin 0-day vulnerability, exposing login account...

Microsoft Releases Updates to Patch Critical Flaws in Windows and Other Software

Microsoft has rolled out fixes for its Windows operating system and other software components to remediate major security shortcomings as part of Patch Tuesday updates for June 2023. Of the 73 flaws, six are rated Critical, 63 are rated Important, two are rated Moderated, and one is rated Low in...