20914 matches found
Apple Issues Patch for Critical Zero-Day in iPhones, Macs - Update Now
Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild. The issue, tracked as CVE-2024-23222, is a type confusion bug in the WebKit browser engine that could be exploited by a...
Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches
Juniper Networks has released updates to fix a critical remote code execution RCE vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. "An out-of-bounds write vulnerability in J-Web of Juniper Networks Jun...
Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks
An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution RCE functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service DDoS botnet. "The payload targets routers and network video recorder NVR devices with default adm...
Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability
VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 CVSS score: 9.8, the vulnerability impacts instances that have been upgraded to version 10.5 from an older...
Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits
Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to multiple reports. The Shadowserver Foundation said that it's "seeing exploitation attempts from multiple IPs for Juniper J-Web...
Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks
The notorious cybercrime group known as FIN7 has been observed deploying Cl0p aka Clop ransomware, marking the threat actor's first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomy Sangria...
Warning: Samsung Devices Under Attack! New Security Flaw Exposed
The U.S. Cybersecurity and Infrastructure Security Agency CISA has warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked as CVE-2023-21492 CVSS score: 4.4, impacts select Samsung devices running Android versions 11, 12, and 13. The South Korean...
CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems
The U.S. Cybersecurity and Infrastructure Security Agency CISA has released eight Industrial Control Systems ICS advisories on Tuesday, warning of critical flaws affecting equipment from Delta Electronics and Rockwell Automation. This includes 13 security vulnerabilities in Delta Electronics'...
Unpatched Security Flaws Disclosed in Multiple Document Management Systems
Multiple unpatched security flaws have been disclosed in open source and freemium Document Management System DMS offerings from four vendors LogicalDOC, Mayan, ONLYOFFICE, and OpenKM. Cybersecurity firm Rapid7 said the eight vulnerabilities offer a mechanism through which "an attacker can convinc...
CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems
The U.S. Cybersecurity and Infrastructure Security Agency CISA has published four Industrial Control Systems ICS advisories, calling out several security flaws affecting products from Siemens, GE Digital, and Contec. The most critical of the issues have been identified in Siemens SINEC INS that...
Inside Raccoon Stealer V2
Raccoon Stealer is back on the news again. US officials arrested Mark Sokolovsky, one of the malware actors behind this program. In July 2022, after several months of the shutdown, a Raccoon Stealer V2 went viral. Last week, the Department of Justice's press release stated that the malware...
VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform
VMware on Tuesday shipped security updates to address a critical security flaw in its VMware Cloud Foundation product. Tracked as CVE-2021-39144, the issue has been rated 9.8 out of 10 on the CVSS vulnerability scoring system, and relates to a remote code execution vulnerability via XStream open...
Experts Find Malicious Cookie Stuffing Chrome Extensions Used by 1.4 Million Users
Five imposter extensions for the Google Chrome web browser masquerading as Netflix viewers and others have been found to track users' browsing activity and profit off retail affiliate programs. "The extensions offer various functions such as enabling users to watch Netflix shows together, website...
CISA Warned About Critical Vulnerabilities in Illumina's DNA Sequencing Devices
The U.S. Cybersecurity and Infrastructure Security Agency CISA and Food and Drug Administration FDA have issued an advisory about critical security vulnerabilities in Illumina's next-generation sequencing NGS software. Three of the flaws are rated 10 out of 10 for severity on the Common...
Critical Magento 0-Day Vulnerability Under Active Exploitation — Patch Released
Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild. Tracked as CVE-2022-24086, the shortcoming has a CVSS score of 9.8 out of 10 on the vulnerability scoring...
Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug
Unidentified threat actors breached a server running an unpatched, 11-year-old version of Adobe's ColdFusion 9 software in minutes to remotely take over control and deploy file-encrypting Cring ransomware on the target's network 79 hours after the hack. The server, which belonged to an unnamed...
Hackers Can Exploit Samsung Pre-Installed Apps to Spy On Users
Multiple critical security flaws have been disclosed in Samsung's pre-installed Android apps, which, if successfully exploited, could have allowed adversaries access to personal data without users' consent and take control of the devices. "The impact of these bugs could have allowed an attacker t...
Rising Demand for DDoS Protection Software Market By 2020-2028
Distributed Denial of Service DDoS attack is a malicious form of attack that disrupts the regular network traffic by overwhelming the website with more traffic than the server can handle. The main aim of this kind of cyberattack is to render the website inoperable. Over recent years, these kinds ...
SolarWinds Hack — New Evidence Suggests Potential Links to Chinese Hackers
A malicious web shell deployed on Windows systems by leveraging a previously undisclosed zero-day in SolarWinds' Orion network monitoring software may have been the work of a possible Chinese threat group. In a report published by Secureworks on Monday, the cybersecurity firm attributed the...
Data Breach Exposes 1.6 Million Jobless Claims Filed in the Washington State
The Office of the Washington State Auditor SAO on Monday said it's investigating a security incident that resulted in the compromise of personal information of more than 1.6 million people who filed for unemployment claims in the state in 2020. The SAO blamed the breach on a software vulnerabilit...
Improper Microsoft Patch for Reverse RDP Attacks Leaves 3rd-Party RDP Clients Vulnerable
Remember the Reverse RDP Attack—wherein a client system vulnerable to a path traversal vulnerability could get compromised when remotely accessing a server over Microsoft's Remote Desktop Protocol? Though Microsoft had patched the vulnerability CVE-2019-0887 as part of its July 2019 Patch Tuesday...
Hundreds of BEC Scammers Arrested in Nigeria and U.S. — $3.7 Million Recovered
Breaking News — The Nigerian prince and his allies who might have also asked you over an email for your assistance to help save "the first African astronaut lost in space" have finally been arrested by the FBI. Don't take it too seriously, as there's no Nigerian prince or an astronaut seeking you...
DHS Warns Small Airplanes Vulnerable to Flight Data Manipulation Attacks
What could be more horrifying than knowing that a hacker can trick the plane's electronic systems into displaying false flight data to the pilot, which could eventually result in loss of control? Of course, the attacker would never wish to be on the same flight, so in this article, we are going t...
New Flaw in WordPress Live Chat Plugin Lets Hackers Steal and Hijack Sessions
Security researchers have been warning about a critical vulnerability they discovered in one of a popular WordPress Live Chat plugin, which, if exploited, could allow unauthorized remote attackers to steal chat logs or manipulate chat sessions. The vulnerability, identified as CVE-2019-12498,...
Popular Torrent Uploader 'CracksNow' Caught Spreading Ransomware
It's not at all surprising that downloading movies and software from the torrent network could infect your computer with malware, but it's more heartbreaking when a popular, trusted file uploader goes rogue. Popular software cracks/keygens uploader "CracksNow," who had trusted status from many...
Quora Gets Hacked – 100 Million Users Data Stolen
The World's most popular question-and-answer website Quora has suffered a massive data breach with unknown hackers gaining unauthorized access to potentially sensitive personal information of about 100 million of its users. Quora announced the incident late Monday after its team last Friday...
Critical Flaw in Fortnite Android App Lets Hackers Install Malware
Security researchers from Google have publicly disclosed an extremely serious security flaw in the first Fortnite installer for Android that could allow other apps installed on the targeted devices to manipulate installation process and load malware, instead of the Fortnite APK. Earlier this mont...
Facebook Faces £500,000 Fine in U.K. Over Cambridge Analytica Leak
Facebook has been fined £500,000 $664,000 in the U.K. after the country's data protection watchdog concluded that its data-sharing scandal broke the law, making it as the social network's first fine over the Cambridge Analytica scandal. Yes, £500,000—that's the maximum fine allowed by the UK's Da...
Facebook bug changed 14 million users' default privacy settings to public
Facebook admits as many as 14 millions of its users who thought they're sharing content privately with only friends may have inadvertently shared their posts with everyone because of a software bug. Facebook said in front of Congress in March over the Cambridge Analytica scandal that "every piece...
Towelroot : One-Click Android Rooting Tool Released By Geohot
Waiting for the root access for your AT&T or Verizon Android phone? Then there is really a Great News for you! Geohot aka George Hotz - a famed cracker who was responsible for hacking the PlayStation 3 and subsequently being sued by Sony - has built and released a root tool called Towelroot on...
Microsoft Word Zero-Day Vulnerability is being exploited in the Wild
Microsoft warned about a zero-day vulnerability in Microsoft Word that is being actively exploited in targeted attacks and discovered by the Google security team. “At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010…” company said. According to Microsoft's...
GitHub Desktop Vulnerability Risks Credential Leaks via Malicious Remote URLs
Multiple security vulnerabilities have been disclosed in GitHub Desktop as well as other Git-related projects that, if successfully exploited, could permit an attacker to gain unauthorized access to a user's Git credentials. "Git implements a protocol called Git Credential Protocol to retrieve...
Combatting the Evolving SaaS Kill Chain: How to Stay Ahead of Threat Actors
The modern kill chain is eluding enterprises because they aren't protecting the infrastructure of modern business: SaaS. SaaS continues to dominate software adoption, and it accounts for the greatest share of public cloud spending. But enterprises and SMBs alike haven't revised their security...
Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack
The maintainers of the PuTTY Secure Shell SSH and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full recovery of NIST P-521 ecdsa-sha2-nistp521 private keys. The flaw has been assigned the CVE identifier...
Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw
A number of state-back threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations. The vulnerability in question is CVE-2023-38831 CVSS score: 7.8, which allows attackers to execute arbitrary code wh...
Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
Hundreds of Citrix NetScaler ADC and Gateway servers have been breached by malicious actors to deploy web shells, according to the Shadowserver Foundation. The non-profit said the attacks take advantage of CVE-2023-3519, a critical code injection vulnerability that could lead to unauthenticated...
DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks
Several distributed denial-of-service DDoS botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023 to gain remote control of vulnerable systems. "Through the capture of exploit traffic, the attacker's IP address was identified, and it was determined...
New Mockingjay Process Injection Technique Could Let Malware Evade Detection
A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems. "The injection is executed without space allocation, setting permissions or even starting a thread," Security Joes researchers...
3CX Supply Chain Attack — Here's What We Know So Far
Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are affected by a supply chain attack. The version numbers include 18.12.407 and 18.12.416 for Windows and 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 for macOS...
Warning: AI-generated YouTube Video Tutorials Spreading Infostealer Malware
Threat actors have been increasingly observed using AI-generated YouTube Videos to spread a variety of stealer malware such as Raccoon, RedLine, and Vidar. "The videos lure users by pretending to be tutorials on how to download cracked versions of software such as Photoshop, Premiere Pro, Autodes...
Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers
An Internet Explorer zero-day vulnerability was actively exploited by a North Korean threat actor to target South Korean users by capitalizing on the recent Itaewon Halloween crowd crush to trick users into downloading malware. The discovery, reported by Google Threat Analysis Group researchers...
Iranian Hackers Strike Diamond Industry with Data-Wiping Malware in Supply-Chain Attack
An Iranian advanced persistent threat APT actor known as Agrius has been attributed as behind a set of data wiper attacks aimed at diamond industries in South Africa, Israel, and Hong Kong. The wiper, referred to as Fantasy by ESET, is believed to have been delivered via a supply-chain attack...
CISA Warns of Active Exploitation of Palo Alto Networks' PAN-OS Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a security flaw impacting Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. The high-severity vulnerability, tracked as CVE-2022-0028 CVSS score: 8.6, i...
New Android Malware Uses VNC to Spy and Steal Passwords from Victims
A previously undocumented Android-based remote access trojan RAT has been found to use screen recording features to steal sensitive information on the device, including banking credentials, and open the door for on-device fraud. Dubbed "Vultur" due to its use of Virtual Network Computing VNC's...
Researcher Uncovers Yet Another Unpatched Windows Printer Spooler Vulnerability
Merely days after Microsoft sounded the alarm on an unpatched security vulnerability in the Windows Print Spooler service, possibly yet another zero-day flaw in the same component has come to light, making it the fourth printer-related shortcoming to be discovered in recent weeks. "Microsoft...
Critical Auth Bypass Bug Affects VMware Carbon Black App Control
VMware has rolled out security updates to resolve a critical flaw affecting Carbon Black App Control that could be exploited to bypass authentication and take control of vulnerable systems. The vulnerability, identified as CVE-2021-21998, is rated 9.4 out of 10 in severity by the industry-standar...
SolarWinds Hackers Target Think Tanks With New 'NativeZone' Backdoor
Microsoft on Thursday disclosed that the threat actor behind the SolarWinds supply chain hack returned to the threat landscape to target government agencies, think tanks, consultants, and non-governmental organizations located across 24 countries, including the U.S. Some of the entities that were...
Two Critical Flaws — CVSS Score 10 — Affect Dell Wyse Thin Client Devices
A team of researchers today unveiled two critical security vulnerabilities in Dell Wyse Thin clients that could have potentially allowed attackers to remotely execute malicious code and access arbitrary files on affected devices. The flaws, which were uncovered by healthcare cybersecurity provide...
Premium-Rate Phone Fraudsters Hack VoIP Servers of 1200 Companies
Cybersecurity researchers today took the wraps off an on-going cyber fraud operation led by hackers in Gaza, West Bank, and Egypt to compromise VoIP servers of more than 1,200 organizations across 60 countries over the past 12 months. According to findings published by Check Point Research, the...
Explained: How New 'Delegated Credentials' Boosts TLS Protocol Security
Mozilla, in partnership with Facebook, Cloudflare, and other IETF community members, has announced technical specifications for a new cryptographic protocol called "Delegated Credentials for TLS." Delegated Credentials for TLS is a new simplified way to implement "short-lived" certificates withou...