Say Goodbye to Stolen iPhone Parts: Activation Lock Gets an Upgrade
Once Lost Mode is activated on an Apple device, it is incredibly difficult to disable unless done by the original owner or with the correct password. Without deactivating Lost Mode,... The post Say...
View ArticleWayback Machine Integration: Google Search Makes Digital History Accessible
The Internet Archive preserves billions of web pages from around the globe, allowing users to inspect historical versions of these pages or access them as a backup when a site... The post Wayback...
View ArticleCitrix Workspace App Users Urged to Update Following Two Privilege Escalation...
In a security advisory released recently, Cloud Software Group has disclosed two vulnerabilities affecting the widely used Citrix Workspace app for Windows. These vulnerabilities, identified as...
View ArticleCVE-2024-45186: FileSender Vulnerability Poses Risk to User Credentials,...
A severe security flaw has been identified in FileSender, the popular web-based application that allows authenticated users to securely send large files. The vulnerability, classified as...
View ArticleRockwell Automation Products Face Critical Security Risks, Urgent Patching...
Two recently discovered vulnerabilities in Rockwell Automation’s FactoryTalk software products pose a serious threat to industrial control systems (ICS). The vulnerabilities, tracked as CVE-2024-45823...
View ArticleRansomHub Adopts New Tactics in Latest Attack, Bypasses EDR and Harvests...
Recently, the ThreatDown Managed Detection and Response (MDR) team has uncovered a novel attack method employed by the RansomHub ransomware group. The attackers have been observed utilizing two...
View ArticleCISA & Ivanti Warn of Active Exploitation Cloud Services Appliance Flaw...
A high-severity vulnerability (CVE-2024-8190) in Ivanti Cloud Services Appliance (CSA) is under active exploitation, prompting an urgent directive from the U.S. Cybersecurity and Infrastructure...
View ArticleBeware Mac Users: Fake AppleCare+ Support Scam Lures Victims via GitHub Repos
A new fraudulent campaign targeting Mac users seeking AppleCare+ support or extended warranties has been uncovered by cybersecurity experts at Malwarebytes. The scammers are using a combination of...
View Article20+ Victims and Counting: Lynx Ransomware’s Swift Rise
In a recent report from Rapid7 Labs, the Lynx ransomware group has emerged as a new threat in the ever-evolving landscape of cybercrime. Identified in July 2024, Lynx has already... The post 20+...
View ArticleMedusa Exploits Fortinet Flaw (CVE-2023-48788) for Stealthy Ransomware Attacks
A recent report from Bitdefender highlights how Medusa has not only continued its relentless attacks but has also established a unique online presence on both the dark web and the... The post Medusa...
View ArticleBadIIS Malware : 35+ IIS Servers Compromised in DragonRank Campaign
A recent report from Cisco Talos has exposed a new threat actor named DragonRank, a Chinese-speaking group specializing in SEO manipulation and cyberattacks. This group operates by exploiting...
View ArticleIranian Cyberespionage Campaign Targets Iraqi Government
Check Point Research (CPR) has uncovered a sophisticated cyberespionage campaign aimed at the Iraqi government, bearing the hallmarks of Iranian state-sponsored threat actors. This campaign, which has...
View ArticleCritical Flaw in NixOS Package Manager: CVE-2024-45593 Allows Arbitrary File...
A high-severity security flaw has been discovered in Nix, the popular package manager for Linux and Unix-based systems. Identified as CVE-2024-45593, this vulnerability poses a significant threat,...
View ArticleDon’t Fall for the Bait: Poseidon Stealer Masquerades as Sopha AI
In a new wave of cyberattacks, macOS users are being targeted by the Poseidon Stealer malware, disguised as an installer for the highly anticipated Sopha AI model from OpenAI. This... The post Don’t...
View ArticleAjina.Banker: Unmasking the Android Malware Targeting Central Asian Banks
Cybersecurity analysts at Group-IB have uncovered a sophisticated malware campaign targeting bank customers in Central Asia. Dubbed “Ajina.Banker,” this Android malware poses a significant threat to...
View ArticlePoC Exploit Released for Ivanti EPM Flaw CVE-2024-29847 (CVSS 10)
Security researcher James Horseman from Horizon3.ai has disclosed the technical details and a proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-29847) in Ivanti Endpoint...
View ArticleCVE-2024-38816: Spring Framework Path Traversal Vulnerability Threatens Millions
A serious security vulnerability, identified as CVE-2024-38816 (CVSS 7.5), has been discovered in the popular Spring Framework, potentially affecting millions of Java applications worldwide. This path...
View ArticleNew Zero-Day Emerges After Microsoft Patch Tuesday: CVE-2024-43461 Targets...
In an unexpected turn of events, Microsoft has revised its September 2024 Patch Tuesday security advisory, revealing a fifth zero-day vulnerability actively exploited in the wild. The disclosure comes...
View ArticleKawasaki Europe Navigates Ransomware Incident, Recovery in Progress
Kawasaki Motors Europe, the prominent European subsidiary of Kawasaki Heavy Industries, is actively recovering from a targeted cyberattack attributed to the ransomware group RansomHub. This incident,...
View ArticleMultiple Critical Vulnerabilities Found in D-Link WiFi Routers: Immediate...
Multiple critical vulnerabilities in D-Link routers have been disclosed, potentially affecting millions of users worldwide. TWCERT/CC, Taiwan’s cybersecurity agency, has issued urgent advisories,...
View Article