SSN, Banking Details at Risk in Major Texas Credit Union Breach
The largest credit union in Texas, Texas Dow Employees Credit Union (TDECU), has reported a significant data breach affecting more than 500,000 individuals. The incident may have compromised Social...
View ArticlePoC Exploit Released for Arbitrary File Write Flaw (CVE-2024-22263) in Spring...
Security researcher Zeyad Azima from SecureLayer7 published the proof-of-concept exploit for arbitrary file write vulnerability (CVE-2024-22263) in Spring Cloud Data Flow, a widely-used tool for...
View ArticlePoortry EDR Killer Evolves, Now Wipes Security Software From Windows Systems
Sophos X-Ops recently released a detailed report on the latest advancements in a malicious toolset known as Poortry, designed to sabotage endpoint detection and response (EDR) software on Windows...
View ArticleCVE-2024-6633 (CVSS 9.8): Critical Flaw in Fortra FileCatalyst Workflow
Fortra, a prominent provider of enterprise file transfer solutions, has released an urgent security advisory highlighting two critical vulnerabilities within its FileCatalyst Workflow product....
View ArticleIntel SGX Security Compromised: Root Provisioning Key Extracted
Recently, researcher Mark Ermolov has successfully extracted Intel’s SGX Fuse Key0, also known as the Root Provisioning Key. This key, introduced with Intel’s Skylake processors, is a cornerstone of...
View ArticleCryptojacking Campaign Exploits Atlassian Confluence CVE-2023-22527...
Trend Micro researchers have uncovered a widespread cryptojacking campaign leveraging a critical vulnerability (CVE-2023-22527) in the Atlassian Confluence Data Center and Server. Attackers are...
View ArticleAngler Exploit Kit Architect Wanted: U.S. Puts $2.5M Bounty on Belarusian...
The U.S. Department of State has announced a hefty $2.5 million reward for information leading to the arrest or conviction of Volodymyr Kadariya, a Belarusian national accused of masterminding a... The...
View ArticleWineHQ Takes Helm of Mono Project, Ensuring Linux-Windows Compatibility
Mono was initially a project developed by Xamarin, with the core objective of providing an open-source implementation of Microsoft’s .NET framework. However, after Microsoft acquired Xamarin in 2016,...
View ArticleESET Uncovers Zero-Day Vulnerabilities in WPS Office, Exploited by APT-C-60
ESET researchers have identified two severe vulnerabilities in WPS Office for Windows, widely exploited by the APT-C-60 cyberespionage group, which is aligned with South Korea. The vulnerabilities,...
View ArticleMallox Unleashed: Inside a Cloud Ransomware Attack
The recent Trustwave investigation into a Mallox ransomware attack sheds light on the methods and tools used by modern cybercriminals to infiltrate and compromise cloud-based environments. The attack,...
View ArticleAI-Powered Cyberattacks: Greasy Opal Bypasses CAPTCHA, Threatens User Accounts
According to a recent report by experts at Arkose Labs, there has been a noticeable surge in the use of the tool Greasy Opal within cyberspace, which facilitates sophisticated attacks,... The post...
View Article“Unicode QR Code Phishing”: The New Threat You Need to Know
Experts at SlashNext have uncovered a perilous phishing technique known as “Unicode QR Code Phishing,” which warrants close scrutiny. This sophisticated method circumvents traditional security measures...
View ArticleBlackByte Ransomware Group Exploits VMware CVE-2024-37085 Flaw, Shifts Tactics
The BlackByte ransomware group has re-emerged with an unsettling surge in activity and a refined set of tactics, techniques, and procedures (TTPs) that pose a heightened risk to organizations. Cisco......
View ArticleNew Attack on Microsoft 365 Copilot Steals Personal Data
A cybersecurity researcher has uncovered a critical vulnerability in the AI-powered assistant Copilot, integrated into Microsoft 365, which enables malicious actors to exfiltrate sensitive data. The...
View ArticleCritical Vulnerabilities Expose Hitachi Energy MicroSCADA X SYS600 to...
Hitachi Energy has issued a cybersecurity advisory addressing multiple critical vulnerabilities discovered in their MicroSCADA X SYS600 product, widely used for monitoring and controlling power...
View ArticleCVE-2024-43425: Moodle Remote Code Execution Vulnerability, PoC Published
A critical vulnerability (CVE-2024-43425) has been identified in Moodle, a widely-used Learning Management System. This flaw could enable attackers to execute malicious code on affected servers,...
View ArticleMirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029 in AVTECH IP Cameras
Akamai’s Security Intelligence Response Team (SIRT) has discovered a widespread Mirai botnet campaign exploiting a recently disclosed zero-day vulnerability (CVE-2024-7029) in AVTECH IP cameras. The...
View ArticleCritical CVE-2024-45321 Flaw in Popular Perl Module Installer cpanminus, No...
In a significant security advisory, the Perl community has been alerted to a critical vulnerability, CVE-2024-45321, affecting the widely-used App::cpanminus (cpanm) tool. Rated with a CVSS score of...
View ArticleDocker-OSX Shut Down: Apple’s Copyright Claim Impacts macOS Containers
An open-source project on GitHub called Docker-OSX allows users to effortlessly run Apple’s OSX and macOS systems through containers, a method akin to virtual machines but significantly more convenient...
View ArticleCVE-2024-39584: Dell BIOS Flaw Exposes Systems to Secure Boot Bypass and...
In a recent security advisory, Dell disclosed a high-severity vulnerability, identified as CVE-2024-39584, affecting the BIOS of several popular Dell client platforms. This vulnerability, carrying a...
View Article