Zoom Phishing Alert: Researcher Identifies New Threat Targeting Microsoft...
As millions of users continue to rely on Zoom for everything from business meetings to collaborative projects, threat actors have found new ways to exploit this trusted platform. In a... The post Zoom...
View ArticlePoC Exploit Releases for CVE-2024-44193: Local Privilege Escalation...
Security researcher mbog14 has published the technical details and proof-of-concept for a critical local privilege escalation (LPE) vulnerability affecting iTunes version 12.13.2.3, identified as...
View ArticleCVE-2024-47191: Critical Flaw in OATH-Toolkit PAM Module Could Lead to Root...
A serious vulnerability has been identified in the OATH-Toolkit’s PAM module, exposing systems to potential root-level exploits when handling one-time password (OTP) authentication. This issue, tracked...
View ArticleRedis Patches for Multi Flaws, Including Potential RCE (CVE-2024-31449)
Redis, a popular open-source data structure store often used as a database, cache, and message broker, has urged users to update their installations immediately following the discovery of three new......
View ArticlePrivilege Escalation and Remote Code Execution Threaten Cisco Routers: No...
In a recent security advisory, Cisco revealed multiple vulnerabilities impacting its Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers, which could potentially expose...
View ArticleMediaTek Patches Critical Vulnerabilities in Smartphone, Tablet, and IoT...
MediaTek, a leading semiconductor company, has issued an October 2024 Product Security Bulletin addressing critical vulnerabilities affecting a wide range of its chipsets, including those used in...
View ArticleCSP Bypass: A New Open-Source Tool for Ethical Hackers to Overcome Content...
Renowned security researcher Renniepak, the founder of Hacker Hideout, has launched an open-source tool called CSP Bypass. This tool is designed to assist ethical hackers and security researchers in...
View ArticleCacti Network Monitoring Tool Patches Security Flaws, Including RCE...
Popular open-source network monitoring tool, Cacti, has released an urgent security update addressing multiple vulnerabilities, including a critical Remote Code Execution (RCE) flaw. The update,...
View ArticleQualcomm Patched Multi Flaws, Including 0-day CVE-2024-43047 & RCE...
Qualcomm has released its October 2024 Security Bulletin, highlighting several critical vulnerabilities affecting a range of its chipsets, including the widely used Snapdragon mobile platforms and...
View ArticleBeware the Bite of Mamba 2FA: This Phishing Kit Bypasses 2FA
In the rapidly evolving world of phishing, a new player has emerged—Mamba 2FA. In late May 2024, Sekoia’s Threat Detection & Research (TDR) team uncovered this adversary-in-the-middle (AiTM)...
View ArticleDNS Tunneling: The Hidden Threat Exploited by Cyberattackers
Cyber attackers are increasingly exploiting DNS tunneling as a covert means to conduct malicious activities, evade detection, and exfiltrate data. Palo Alto Networks‘ latest report highlights emerging...
View ArticleLemonDuck Exploits EternalBlue Vulnerability for Cryptomining Attacks
A recent report from security researchers at Aufa and NetbyteSEC Interns sheds light on the resurgence of the LemonDuck malware, which is now exploiting the EternalBlue vulnerability (CVE-2017-0144) in...
View ArticleNorth Korean APT Group Kimsuky Exploits DMARC Misconfigurations for...
Email security has long been a critical pillar in defending organizations against cyberattacks, but recent reports reveal that even widely trusted protections like Domain-based Message Authentication,...
View ArticleResearcher Releases Open-Source Scanner for CVE-2024-47176 CUPS Vulnerability
Renowned security researcher Marcus Hutchins has unveiled a new open-source tool designed to help administrators and security professionals identify vulnerable instances of the Common Unix Printing...
View ArticleYour Smart TV is Watching You: New Research Reveals the Extent of ACR Tracking
A new study has revealed the extent to which smart TVs use Automatic Content Recognition (ACR) technology to track users’ viewing habits. The research, conducted by a team of scientists... The post...
View ArticleNew Anti-Theft Arsenal: Android Gets Theft Detection, Offline, and Remote Lock
Android users in the US are starting to receive a powerful new set of anti-theft features, according to renowned Android journalist Mishaal Rahman. Google is rolling out Theft Detection Lock,... The...
View ArticleChinese Threat Groups Leverage Ransomware for Political Gain
A recent report released by the Natto Team, a renowned group specializing in geopolitical analysis and cyber threat intelligence, provides a comprehensive overview of the evolving landscape of...
View ArticleExploit Releases for TeamViewer Flaws (CVE-2024-7479 & CVE-2024-7481) Let...
Security researcher Peter Gabaldon published the technical details and proof-of-concept exploit code for two high-severity vulnerabilities, CVE-2024-7479 and CVE-2024-7481, which have been found in...
View ArticleMoneyGram Notifies Consumers of Data Breach Affecting Sensitive Personal...
MoneyGram Payment Systems, Inc. has recently issued a Notice of Data Breach after discovering that an unauthorized third party had accessed and stolen personal information of certain consumers between...
View ArticleSAP Patches Critical BusinessObjects Vulnerability with October Security Updates
SAP has released its monthly security patch updates, addressing several vulnerabilities across its product portfolio. The October Security Patch Day includes six new security notes and six updates to...
View Article