RCE Vulnerabilities in Microsoft SharePoint Server: PoC Exploit Code Published
Security researcher Janggggg has disclosed proof-of-concept (PoC) exploit code for three vulnerabilities (CVE-2024-38023, CVE-2024-38024, CVE-2024-38094) in Microsoft SharePoint Server. Although the...
View ArticleFrom Meetings to Malware: Vortax’s Elaborate Crypto-Stealing Scheme Uncovered
Recorded Future’s Insikt Group has exposed “Vortax,” a seemingly legitimate virtual meeting software, as a sophisticated front for a massive malware operation targeting cryptocurrency users. This...
View ArticleCritical Vulnerabilities Expose ifm Smart PLCs to Remote Attacks
Germany’s CERT@VDE has issued a warning about a series of critical security flaws impacting ifm Smart PLC controllers running firmware versions up to 4.3.17. These vulnerabilities, assigned CVEs...
View ArticleGitLab Patches Critical Security Vulnerability (CVE-2024-6385), Urges...
In a security advisory released today, GitLab, the popular web-based DevOps platform, disclosed several critical vulnerabilities affecting various versions of their Community Edition (CE) and...
View ArticleEstateRansomware Exploits Veeam Vulnerability (CVE-2023-27532) in...
A recently disclosed vulnerability in Veeam Backup & Replication software has culminated in a significant ransomware incident. Yeo Zi Wei, a Junior Incident Response and Digital Forensics Analyst...
View ArticleVulnerability in lighttpd Web Server Exposes Sensitive Data: Urgent Patch...
The Carnegie Mellon CERT Coordination Center (CERT/CC) has issued a critical vulnerability note regarding a use-after-free vulnerability in lighttpd versions 1.4.50 and earlier. This vulnerability...
View ArticleNew Mirai Botnet Variants with AI-Powered Attacks Observed
A new report from Imperva Threat Research reveals a concerning resurgence of the Mirai botnet, a notorious malware known for its history of large-scale distributed denial-of-service (DDoS) attacks. The...
View ArticleCVE-2024-5910: Critical Vulnerability Threatens Palo Alto Networks’ Expedition
Palo Alto Networks, a leading cybersecurity firm, has released a critical security advisory detailing multiple vulnerabilities across its product lines, including PAN-OS, Cortex XDR, and Expedition....
View ArticleCVE-2024-36451 (CVSS 8.8): Webmin Vulnerability Allows Session Hijacking
Webmin and Usermin, popular web-based system administration tools used by millions worldwide, have been found to contain multiple security vulnerabilities, according to Japan’s CERT. These...
View ArticleCybercriminals Exploit Ebooks to Spread AsyncRAT Malware
A recent report from AhnLab Security Intelligence Center (ASEC) reveals new cyberattacks utilizing a novel method to distribute the AsyncRAT remote access trojan (RAT). Disguised as harmless ebooks,...
View ArticlePepperl+Fuchs Industrial Devices Exposed to Critical Vulnerabilities
Germany’s CERT@VDE has issued a security advisory regarding critical vulnerabilities in several Pepperl+Fuchs products. These vulnerabilities, identified as CVE-2024-6422 and CVE-2024-6421, pose...
View ArticleServiceNow Security Alert: Critical Vulnerabilities Expose Businesses to RCE...
ServiceNow, a widely used platform for business transformation, has recently disclosed three critical security vulnerabilities that could have severe consequences for organizations worldwide. These...
View ArticleDarkGate Malware Makes a Comeback, Exploiting Excel and Samba Shares in...
The notorious DarkGate malware, once dormant after the Qakbot takedown, has reemerged, leveraging a clever combination of Microsoft Excel files and public Samba shares to distribute its malicious...
View ArticleCloud Software Group Confirms CVE-2024-6387 Exposure in NetScaler
Cloud Software Group has issued a security advisory warning customers of a critical vulnerability in OpenSSH, a widely used secure shell protocol. The vulnerability, tracked as CVE-2024-6387 and...
View ArticleCVE-2024-39202: RCE Flaw Found in D-Link DIR-823X Firmware, Patch in Development
A security vulnerability, identified as CVE-2024-39202, has been discovered in the D-Link DIR-823X AX3000 Dual-Band Gigabit Wireless Router, posing a significant risk to users. The vulnerability was...
View ArticleNorth Korean APT Group Kimsuky Targets Japanese Organizations with Stealthy...
Japanese organizations are being targeted by the notorious North Korean advanced persistent threat (APT) group, Kimsuky, in a sophisticated cyberespionage campaign. The Japan Computer Emergency...
View ArticlePoco RAT Malware Targets Spanish-Speaking Mining Companies
A new and insidious malware threat, dubbed Poco RAT, has emerged, targeting Spanish-speaking companies, primarily within the mining sector across Latin America. This sophisticated Remote Access Trojan...
View ArticleHackers are actively exploiting PHP RCE vulnerability (CVE-2024-4577)
A critical vulnerability in PHP, designated CVE-2024-4577, has become a prime target for cybercriminals within a day of its public disclosure in June 2024. The Akamai Security Intelligence Response...
View ArticleJuniper Junos OS Evolved Vulnerabilities Enable Root-Level Compromise
Juniper Networks has issued patches to address five vulnerabilities discovered within its Junos OS Evolved operating system. These flaws, collectively assigned Common Vulnerabilities and Exposures...
View ArticleShadowRoot Ransomware Targets Turkish Businesses
Forcepoint X-Labs, a leading cybersecurity research team, has unveiled a new ransomware strain dubbed “ShadowRoot” specifically targeting Turkish businesses. The attack begins with phishing emails...
View Article