SharpPanda APT Targets Malaysia with Backdoor Malware
In a recent analysis conducted in March and April 2024, the NetbyteSEC Detecx (NBS) team exposed a sophisticated malware campaign orchestrated by the notorious SharpPanda APT group, specifically aimed...
View ArticleResearcher Details Windows Elevation of Privilege Vulnerability (CVE-2024-26238)
Security researcher Guillaume André with Synacktiv has detailed a high-severity vulnerability, CVE-2024-26238 (CVSS 7.8), in Microsoft’s Windows Update component RUXIM (Reusable UX Integration...
View ArticleKaspersky Labs Uncovers ShrinkLocker Ransomware Exploiting Microsoft’s BitLocker
In a recent analysis, Kaspersky Lab’s experts have exposed a new ransomware threat named ShrinkLocker, which cleverly exploits Microsoft’s built-in BitLocker encryption tool to hold corporate data...
View Articleglibc Flaw (CVE-2024-2961) Opens Door to RCE, PoC Exploit Published
Technical details and a proof-of-concept (PoC) exploit code have emerged about a security flaw (CVE-2024-2961) in GNU C Library that could be chained by threat actors to achieve remote code execution...
View ArticleGovernment Agencies in APAC Targeted by Fake PDF Login Phishing Emails
Forcepoint X-Labs, a leading cybersecurity research team, has issued an urgent warning regarding a surge in sophisticated phishing emails targeting government departments across the Asia-Pacific (APAC)...
View ArticleResearcher Releases Techniques & Burp Extension to Help Bypass WAFs
In the cybersecurity field, web application firewalls (WAFs) are pivotal in defending web applications from malicious attacks. However, recent insights from Shubham Shah, a seasoned security researcher...
View ArticleCVE-2024-5035 (CVSS 10) in TP-Link Archer C5400X Routers Exposes Users to...
In a recent security analysis conducted by a researcher at ONEKEY, a critical vulnerability has been identified in the TP-Link Archer C5400X router. The flaw, tracked as CVE-2024-5035, has been given a...
View ArticleCritical Vulnerability in PMB Library Software: CVE-2024-26289
A critical security vulnerability has been identified in PMB Library Software, a widely-used system designed to streamline cataloging, circulation, and patron management processes for libraries of all...
View ArticleSharp Dragon APT Group Expands Cyber Espionage Operations to Africa and the...
A new report from Check Point Research reveals a significant shift in the tactics and targets of the Chinese state-sponsored advanced persistent threat (APT) group, Sharp Dragon. Previously focused on...
View ArticleCISA Warns: Actively Exploited Chrome Zero-Day Joins ‘Must-Patch’ List
The Cybersecurity and Infrastructure Security Agency (CISA) has added another critical vulnerability to its Known Exploited Vulnerabilities Catalog, highlighting the urgent need for Google Chrome users...
View ArticleResearchers Uncovers Sophisticated Phishing Campaigns Leveraging Cloudflare...
In a recent analysis, Netskope Threat Labs has revealed a disturbing trend of malicious actors exploiting Cloudflare Workers, a serverless computing platform, to launch sophisticated phishing...
View ArticleCritical Security Advisory: Mitel MiCollab Vulnerabilities Exposed...
In an urgent security advisory, Mitel has warned users of its MiCollab communications platform to immediately patch critical vulnerabilities that could expose their systems to remote attacks. The...
View ArticleEmerging Cyber Threat: Moonstone Sleet Identified as New North Korean Threat...
Microsoft’s Threat Intelligence team has uncovered a newly identified North Korean cyber threat actor dubbed “Moonstone Sleet” (previously known as Storm-1789). This group is a chameleon in the cyber...
View ArticleCitrix Urges Mac Users to Patch Workspace App Against Privilege Escalation...
Cloud Software Group, the entity behind Citrix products, has issued a security advisory warning Mac users of a high-severity vulnerability in the Citrix Workspace app. The flaw, tracked as...
View ArticleOperation Diplomatic Specter: Chinese State-Sponsored Cyber Espionage...
Palo Alto Networks’ Unit 42 threat research team has unveiled a sophisticated and persistent cyber espionage campaign, codenamed Operation Diplomatic Specter, attributed to a Chinese state-sponsored...
View ArticleFoxit PDF Reader and Editor Users Urged to Update After Exploited Flaws Revealed
Foxit Software, a leading provider of PDF solutions, has issued a security advisory, disclosing actively exploited vulnerabilities in its popular Foxit PDF Reader and Foxit PDF Editor applications. The...
View ArticleCVE-2024-24919: Active Exploitation of Check Point Remote Access VPN...
In a recent advisory, Check Point has alerted its users to an active campaign targeting Remote Access VPN devices. Threat actors are exploiting this vulnerability to breach enterprise networks,...
View ArticleCybersecurity Alert: “Free Piano” Email Scam Targets Students and Professionals
A widespread email scam campaign is targeting students, faculty, healthcare workers, and others with offers of free pianos, leading victims into an advance fee fraud (AFF) scheme. Cybersecurity firm...
View ArticleAndroid Banking Trojan “Anatsa” Lurking in Google Play Store
Cybersecurity researchers at Zscaler ThreatLabz have uncovered a sophisticated Android banking trojan called Anatsa (also known as TeaBot) that is actively targeting Android users through seemingly...
View ArticleResearchers Reveal Sophisticated BlackSuit Ransomware Attack
Cybersecurity firm ReliaQuest has published a detailed analysis of a BlackSuit ransomware attack that occurred in April 2024, shedding light on the sophisticated tactics, techniques, and procedures...
View Article