Channel: do son, Author at Cybersecurity News
Browsing all 1971 articles

CVE-2024-6922: SSRF Flaw Found in Automation Anywhere, 3,500+ Servers Exposed

A vulnerability, identified as CVE-2024-6922, has been discovered in Automation Anywhere Automation 360, a widely used robotic process automation (RPA) platform. The vulnerability, unauthenticated...



Microsoft Remains Top Phishing Target, Adidas and WhatsApp Join Top 10

Phishing attacks remain one of the most prevalent cyber threats and often serve as the precursor to larger-scale supply chain campaigns. Recently, Check Point Research (CPR), the threat intelligence...



Cisco Confirms Critical RADIUS Protocol Vulnerability in Multi Products:...

Cisco has issued a security advisory for a critical vulnerability (CVE-2024-3596) in the RADIUS protocol, a widely used authentication and authorization framework for network access. This vulnerability...


CVE-2024-34693: Apache Superset Arbitrary File Read Vulnerability, PoC Published

The Apache Software Foundation recently released security updates to address an arbitrary file read vulnerability (CVE-2024-34693) in Apache Superset. This vulnerability could allow an attacker to read...


Microsoft Edge Update Tackles 18 Vulnerabilities, Including Proprietary Fixes

Microsoft has recently released a security update for its Edge browser, version 127.0.2651.74, addressing a total of 18 vulnerabilities. The update incorporates patches for 16 vulnerabilities found in...



Kaspersky’s Proactive Audit Offer Rejected by U.S. Amid Ban

The prominent Russian cybersecurity firm Kaspersky proactively proposed a third-party source code audit before its ban in the United States, as reported by The Register. This strategic move aimed to...


Cyberattack Surge: SMBs Grapple with 8% Rise in Malware

Kaspersky’s most recent report reveals a concerning 5% surge in malware infections among small and medium-sized enterprises (SMBs) during the first quarter of 2024, compared to the corresponding period...


Critical Vulnerabilities Discovered in WinMatrix IT Management System

Taiwan’s CERT (Computer Emergency Response Team) has issued a critical warning regarding two severe vulnerabilities [1, 2] discovered in Simopro Technology’s WinMatrix IT resource management system....



Cybersecurity in Focus: ECB Stress Test Exposes Banks’ Vulnerabilities

The European Central Bank (ECB) has concluded an extensive cybersecurity stress test of European banks, initiated in January 2024. The regulator assessed the readiness of financial institutions to...



Google Patches Chrome Password Manager Bug After Mass Outage

Google has apologized for a malfunction that prevented many Windows users from finding or saving their passwords in the Chrome browser. The issue, which arose on July 24 and persisted for nearly 18...


RaspAP Vulnerability: Root Access at Risk for Raspberry Pi Users

Security researcher Zonifer has uncovered a critical vulnerability (CVE-2024-41637) in RaspAP, a popular open-source tool used to turn Raspberry Pi devices into wireless access points. This...


Google Patches Workspace Authentication Flaw, Thwarting Account Takeover...

Google has recently addressed a critical security flaw in its Google Workspace platform that allowed threat actors to bypass email verification during account creation, as reported by KrebsOnSecurity....


ImageMagick AppImage Vulnerability Opens Door to Arbitrary Code Execution

ImageMagick, a popular image processing library used in a wide range of industries, has issued a security advisory warning users of a vulnerability in its AppImage version. The flaw, discovered by...



32,000 Downloads: Kaspersky Exposes Mandrake Spyware’s Google Play Infiltration

Kaspersky researchers revealed the return of the Mandrake Android spyware, which has been discovered lurking on the Google Play Store for two years, amassing over 32,000 downloads across five different...


Three Security Flaws Discovered in Adtran 834-5 Wi-Fi 5 Service Delivery Gateway

A series of vulnerabilities have been uncovered in the widely deployed Adtran 834-5 Wi-Fi 5 Service Delivery Gateway (SDG), potentially leaving countless users and networks exposed to malicious...



North Korea’s APT45: From Espionage to Ransomware Extortion

The North Korean hacker group Andariel is accused of stealing confidential information and weapons blueprints from various countries worldwide. The cybersecurity company Mandiant has published the...


CVE-2024-37085: VMware ESXi Vulnerability Exploited by Ransomware Gangs

Microsoft Threat Intelligence has disclosed a vulnerability (CVE-2024-37085) in VMware ESXi hypervisors, which is being actively exploited in the wild by multiple ransomware threat actors. The...



Cuckoo Spear Threat Alert: APT10 Targets Japan’s Critical Infrastructure

A newly published threat analysis report from Cybereason Security Services reveals “Cuckoo Spear,” a sophisticated and persistent cyber espionage campaign targeting Japanese companies and critical...


CVE-2024-41714 (CVSS 9.9): Command Injection Flaw Discovered in Mitel...

Mitel, a leading provider of business communication solutions, has issued a critical security advisory (24-0021-001) regarding a command injection vulnerability (CVE-2024-41714) found in the MiCollab...


Apple Extends Zero-Day Patch to Older Macs, Urges Immediate Update

Apple has expanded its security efforts by backporting a critical zero-day patch to older Mac models running macOS Monterey 12.7.6. The vulnerability, tracked as CVE-2024-23296, was previously...
