Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert
In a recent advisory published on September 16th, data protection powerhouse Acronis disclosed a critical security vulnerability in its popular backup plugins for server management platforms like...
View ArticleUnmasking “Marko Polo”: The Infostealer Gang Targeting Thousands
Researchers at Recorded Future have uncovered a large-scale cyberattack affecting tens of thousands of devices worldwide. It was later revealed that the campaign was orchestrated by the hacker group...
View ArticlePoC Exploit Releases for Exploited Vulnerability CVE-2024-8190 in Ivanti...
A proof-of-concept (PoC) exploit for CVE-2024-8190, an exploited OS command injection vulnerability in Ivanti Cloud Services Appliance, is now publicly released, making it crucial to update devices....
View ArticleGoogle Warns: Dependency Scanners Often Misreport Vulnerabilities
The AutoVM team at Google has discovered that dependency scanning tools often mistakenly report vulnerabilities in software. These vulnerabilities may either pose no real security threat or require no...
View ArticleCVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet EMS
In a concerning new development, cybersecurity researchers at Darktrace have unveiled a report detailing the exploitation of Fortinet’s FortiClient Endpoint Management Server (EMS) by cybercriminals....
View ArticleSambaSpy RAT Targets Italian Users in a Unique Malware Campaign
In May 2024, Kaspersky Labs uncovered a sophisticated malware campaign exclusively targeting users in Italy. Unusual for cybercriminal activities, this campaign focused solely on Italian victims,...
View ArticleTor Project Responds to De-Anonymization Report: Network Remains Secure for...
In response to an investigative report revealing a law enforcement de-anonymization attack on a Tor user, the Tor Project has issued a public statement addressing the concerns raised by the... The post...
View ArticleRansomware Groups Exploit Veeam Flaw CVE-2023-27532 in Nigerian Cyber...
The Nigeria Computer Emergency Response Team (ngCERT) has issued an urgent alert warning of ransomware groups actively targeting critical systems across Nigeria. The alert focuses on a high-severity...
View ArticleCritical Flaw in Ivanti CSA 4.6: CVE-2024-8963 Actively Exploited, Urgent...
Ivanti, a leader in enterprise software, has disclosed a critical vulnerability in its Ivanti Connect Secure Appliance (CSA) 4.6, identified as CVE-2024-8963. This vulnerability, rated at a CVSS score...
View Article483,000 Victims: Phishing Scam Unlocks Phones, Steals Data
In a landmark operation, law enforcement agencies from Spain and Latin America, with support from Europol, Ameripol, and cybersecurity leader Group-IB, successfully dismantled a notorious phishing...
View ArticleNorth Korean Hackers Gleaming Pisces Poisoned Python Packages Target Linux &...
Unit 42 researchers have uncovered a new cyberattack campaign by the North Korean-affiliated APT group, Gleaming Pisces, targeting Linux and macOS systems via poisoned Python packages. The campaign...
View ArticlemacOS Sequoia Update Disrupts Major Cybersecurity Tools
Apple’s latest operating system release, macOS Sequoia, has been causing unexpected headaches for cybersecurity professionals and everyday users alike. The update has disrupted the functionality of...
View ArticleCencora’s $75 Million Ransom: A New High in Cyber Extortion
The American pharmaceutical giant Cencora has made the largest known ransom payment in history, shelling out a staggering $75 million in Bitcoin to cybercriminals following a devastating February...
View ArticleMutantBedrog: The Malvertiser Bypassing Trusted-Types and CSP with Disruptive...
In mid-2024, cybersecurity specialists from Confiant identified a new malicious actor known as MutantBedrog. This threat raised alarm due to its aggressive campaigns of forced user redirections to...
View ArticleCritical Security Flaws in Camaleon CMS Put Web Servers at Risk – Users Urged...
In a significant development for website owners and administrators using Camaleon CMS, a critical security update has been released to address several vulnerabilities, some of which are already being...
View ArticleThreat Actors Exploit HR-Related Phishing Tactics in Sophisticated...
Phishing attacks continue to evolve in complexity, and the latest report from the Cofense Phishing Defense Center highlights a troubling trend: cybercriminals are increasingly using HR-related phishing...
View ArticleVersa Networks Exposes Critical API Vulnerability in Versa Director...
Versa Networks has issued a security advisory regarding a vulnerability discovered in its Versa Director product, CVE-2024-45229. This vulnerability, which carries a CVSS score of 6.6, could...
View Article$230 Million Cryptocurrency Heist: Two Arrested in Miami and Los Angeles
Two individuals have been apprehended this week in connection with a significant cryptocurrency theft amounting to over $230 million. The suspects, 20-year-old Malone Lam and 21-year-old Jeandiel...
View ArticleFreeBSD Issues Critical Security Advisory for CVE-2024-41721 (CVSS 9.8)
A recently disclosed security advisory has unveiled a critical vulnerability affecting FreeBSD’s bhyve hypervisor. Identified as CVE-2024-41721, this flaw carries a CVSS score of 9.8, reflecting its...
View ArticleWindows Server Update Services Deprecation: What It Means for Your Update...
Windows Server Update Services (WSUS) is a long-standing update service from Microsoft aimed at enterprises, allowing IT administrators to manage the pace of updates for internal network devices....
View Article