AndroCon: New Study Shows How Your Phone Can Track Your Every Move, Even Indoors
A recent study titled “AndroCon: Conning Location Services in Android” has revealed a disturbing trend: smartphones can be covertly used to monitor users, creating highly accurate maps of their...
View ArticleZabbix Addresses Multi Vulnerabilities, Including RCE CVE-2024-36461 (CVSS...
Zabbix, the widely-used open-source monitoring solution, has released a series of security updates addressing critical vulnerabilities, most notably CVE-2024-36461, which carries a CVSS score of 9.1....
View ArticleGoogle Cloud Services Disrupted in UK Due to Power Outage
A power outage at a Google data center in London led to a significant disruption of Google Cloud Platform (GCP) and Workspace services for users in the UK on August... The post Google Cloud Services...
View ArticleFBI Dismantles ‘Radar/Dispossessor’ Ransomware Gang, Seizing Servers Across...
The FBI has successfully disrupted the notorious “Radar/Dispossessor” ransomware operation, led by the elusive cybercriminal known as “Brain.” The operation, which targeted businesses and organizations...
View ArticleSAP Security Patch Day – August 2024: CVE-2024-41730 (CVSS 9.8) Vulnerability...
SAP has released its monthly security patches for August 2024, addressing a range of vulnerabilities across its extensive product portfolio. The update includes fixes for 17 new security notes and......
View ArticleCVE-2024-7593 (CVSS 9.8): Authentication Bypass in Ivanti vTM: Proof of...
Ivanti has issued a security advisory addressing a critical vulnerability (CVE-2024-7593) in its Virtual Traffic Manager (vTM), a software-based Layer 7 application delivery controller (ADC). The flaw,...
View ArticleCVE-2024-39825 and CVE-2024-39818: High-Risk Zoom Flaws Require Urgent Updates
Zoom has released a security bulletin addressing several vulnerabilities in its Workplace Apps and Rooms Clients, some of which pose significant security risks to users. Among the most critical are......
View ArticleIvanti Issues Critical Fixes for ITSM Vulnerabilities (CVE-2024-7569 and...
Ivanti has released a security advisory addressing two significant vulnerabilities in its Neurons for IT Service Management (ITSM) platform, urging on-premise customers to take immediate action. The...
View ArticleNew Phishing Campaign Targets AWS Accounts: Security Experts Warn
A newly discovered phishing campaign is targeting AWS accounts, according to a warning from security researchers at Wiz. The campaign involves deceptive emails leading users to a convincingly crafted...
View ArticleKimsuky APT Group Targets University Researchers in Espionage Campaign
The North Korean state-backed hacking group known as Kimsuky is at it again, this time setting its sights on university researchers and professors in an ongoing espionage campaign. A recent... The post...
View ArticleGolddigger and Gigabud Android Banking Trojans: Same Cybercriminal, New Tricks
A recent investigation by Cyble Intelligence and Research Labs (CRIL) has unveiled a significant connection between two prominent Android banking trojans: Golddigger and Gigabud. Evidence suggests they...
View ArticleAMD EPYC Processors Exposed: High-Severity Vulnerability CVE-2023-31315
AMD has released a security advisory following the discovery of a high-severity vulnerability affecting several of its EPYC processors. The vulnerability, identified as CVE-2023-31315, was reported by...
View ArticleEarth Baku APT Group Expands Global Reach with Advanced Techniques
Cybersecurity researchers at Trend Micro have uncovered a significant expansion in the activities of Earth Baku, a sophisticated advanced persistent threat (APT) group. Previously focused on the...
View ArticleLinux Kernel Vulnerabilities Expose Systems to Privilege Escalation: Flaws...
Security researchers have disclosed the technical details and proof-of-concept (PoC) exploit codes for three vulnerabilities (CVE-2023-4206, CVE-2023-4207, and CVE-2023-4208) in the Linux kernel,...
View ArticleCISA & Microsoft Warn of 6 Actively Exploited Zero-Day Vulnerabilities
Microsoft’s August 2024 Patch Tuesday release addresses 88 vulnerabilities, including seven critical flaws and 10 zero-day vulnerabilities. Among these, six are currently being actively exploited in...
View ArticleCVE-2024-28986 (CVSS 9.8): SolarWinds Web Help Desk Users Must Patch Now!
SolarWinds has released an urgent security advisory regarding a critical vulnerability in its Web Help Desk software. The vulnerability, designated CVE-2024-28986, allows for Java Deserialization...
View ArticleCVE-2024-38063 (CVSS 9.8): 0-Click RCE Affects All Windows Systems
In its latest Patch Tuesday security update, Microsoft has disclosed a critical vulnerability in the Windows TCP/IP stack that demands urgent attention. Among the 88 vulnerabilities addressed this...
View ArticleArtiPACKED: A New GitHub Actions Vulnerability Exposes Critical Credentials
A recently uncovered vulnerability in GitHub Actions artifacts has the potential to compromise high-profile open-source projects and expose sensitive credentials, including GitHub tokens and...
View ArticleWeb-Check: The Ultimate Toolkit for Website Analysis and Security Assessment
In the intricate world of web technologies, a profound understanding of a website or host extends far beyond surface-level interactions. It involves delving into the underlying infrastructure, security...
View ArticleCVE-2024-39091: Critical Vulnerability in MIPC Camera Framework Puts Millions...
A high-severity vulnerability (CVE-2024-39091, CVSS 8.8) has been discovered in the MIPC camera framework, a widely-used software platform for home security cameras. This vulnerability could allow...
View Article