Rebirth Botnet Exploiting Gaming Community, Posing Wider Cybersecurity Threat
The Sysdig Threat Research Team (TRT) has exposed the alarming activities of the Rebirth botnet, a Mirai-based DDoS-as-a-Service (DDoSaaS) platform that primarily targets the video gaming community....
View ArticleCVE-2024-4358: Critical Authentication Bypass Flaw Discovered in Progress...
A critical vulnerability (CVE-2024-4358) has been discovered in Progress Telerik Report Server, a popular report management solution used by organizations worldwide. This vulnerability, rated with a...
View ArticleKiteshield Packer Emerges as a Significant Threat in Linux Malware Landscape
In a recent analysis, XLab’s Cyber Threat Insight Analysis (CTIA) System uncovered the abuse of the Kiteshield packer by various cyber threat actors targeting Linux environments. Over the past month,...
View ArticleCVE-2024-22263 Flaw in Spring Cloud Data Flow Could Lead to Server Takeover
A security vulnerability, identified as CVE-2024-22263, has been discovered in Spring Cloud Data Flow, a framework widely used for microservices-based streaming and batch data processing in Cloud...
View ArticleTechnical Details Released for Check Point Remote Access VPN 0-Day Flaw
Security researchers at watchTowr Labs have detailed a zero-day vulnerability (CVE-2024-24919) in Check Point’s Remote Access VPN appliances, which is actively being exploited by malicious actors. The...
View ArticleCISA Warns of Actively Exploited Linux Kernel and Check Point Gateway...
Today, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding two actively exploited vulnerabilities affecting the Linux Kernel and Check Point Quantum...
View ArticleBeware of Fake Browser Updates: BitRAT and Lumma Stealer on the Rise
eSentire’s Threat Response Unit (TRU) has issued a critical warning about a new wave of cyberattacks utilizing fake browser updates to deliver malicious payloads. The attacks involve injecting...
View ArticleMultiple Critical Vulnerabilities Discovered in D-Link D-View 8
D-Link, in collaboration with the Zero Day Initiative, has issued a critical security advisory regarding four newly discovered vulnerabilities in D-View 8, its network monitoring and management...
View ArticleLogpoint Patches Critical SAML Authentication Flaw (CVE-2024-36383): Remote...
Logpoint has issued a security advisory for a critical vulnerability in its SAML Authentication module. This flaw, identified as CVE-2024-36383 and rated with a CVSS score of 9.1, could allow attackers...
View ArticleNew Phishing Campaign Utilizes IObit Antivirus to Deliver AsyncRAT Malware
Recently, S2 Grupo’s intelligence unit, Lab52, identified a sophisticated phishing campaign targeting Colombia. The attackers, masquerading as the Colombian Attorney General’s Office, aim to infect...
View ArticleCVE-2024-4407: TIBCO Managed File Transfer Server Vulnerability Could Lead to...
TIBCO has issued a security advisory warning users of a critical-severity vulnerability (CVE-2024-4407) in its Managed File Transfer Platform Server for UNIX and z/Linux. This flaw could allow...
View ArticleHackers Actively Exploiting Critical D-Link NAS Vulnerability: 90,000+...
CYFIRMA, a leading cybersecurity firm, has issued an urgent warning regarding a critical vulnerability (CVE-2024-3273) discovered in multiple end-of-life D-Link network-attached storage (NAS) devices....
View ArticleCVE-2024-5522 (CVSS 10): Critical Security Flaw Threatens Thousands of...
WordPress users who have installed the popular HTML5 Video Player plugin are urged to take immediate action following the discovery of a critical security vulnerability. The flaw, tracked as...
View ArticleNGINX Releases Security Updates: HTTP/3 Vulnerabilities Patched
In a recent security advisory, the NGINX development team has released crucial updates for their popular web server software, urging users to upgrade immediately. These updates address four significant...
View ArticleLilacSquid APT Unveiled: A Stealthy Campaign Targeting Global Industries
Cisco Talos, the threat intelligence and research arm of Cisco, has exposed a sophisticated espionage-focused threat actor known as LilacSquid (UAT-4820). This advanced persistent threat (APT) group...
View ArticleAsukaStealer Malware Targets Browsers and Crypto Wallets for $80 a Month
A new and sophisticated malware named AsukaStealer has emerged on the cybercrime scene, offering its malicious services for a surprisingly low monthly fee of $80. This C++ based malware, marketed on a...
View ArticleChalubo Malware Wreaks Havoc: Half a Million Routers Permanently Disabled
A destructive cyberattack, dubbed “The Pumpkin Eclipse” by Lumen Technologies’ Black Lotus Labs, has knocked out over 600,000 small office/home office (SOHO) routers, leaving a significant portion of...
View ArticleFake Bahrain Government Android App Steals Personal Data for Financial Fraud
Government services going digital is a convenience, but it also opens the door for cybercriminals. The McAfee Mobile Research Team has discovered a dangerous Android malware masquerading as official...
View ArticleRedTail Cryptominer Malware Targets PAN-OS Vulnerability
In a recent report, the Akamai Threat Research Team revealed a concerning evolution of the RedTail cryptomining malware. Known for its profitability and widespread impact, RedTail now targets the...
View ArticleCarnavalHeist Banking Trojan Targets Brazilian Financial Institutions with...
A new banking Trojan named “CarnavalHeist” is targeting Brazilian users, exploiting the country’s festive spirit to steal financial data. Discovered by Cisco Talos, this malware campaign has been...
View Article