CVE-2024-41798 (CVSS 9.8): Siemens SENTRON PAC3200 Meters Vulnerable to Easy...
A newly disclosed vulnerability (CVE-2024-41798) in Siemens SENTRON PAC3200 power meters could allow attackers to gain administrative access with alarming ease. The vulnerability, assigned a CVSS score...
View ArticleHidden Cryptocurrency Mining Campaign Hits Over 28,000 Users, Stealing...
A recent report from Doctor Web reveals a widespread malware campaign that has compromised over 28,000 users, primarily in Russia and surrounding countries. This campaign cleverly disguises...
View ArticleIvanti Patches CSA Appliance Against Vulnerabilities, Including Actively...
Ivanti has recently released urgent security updates for its Cloud Services Appliance (CSA) to address multiple vulnerabilities, including one that is actively being exploited in the wild. The company...
View ArticleCVE-2024-37404: Critical RCE Flaw Discovered in Ivanti Connect Secure &...
Ivanti has addressed a critical remote code execution (RCE) vulnerability affecting its Connect Secure and Policy Secure products, as reported by security researcher Richard Warren of AmberWolf. The...
View ArticleNew Campaign by Awaken Likho APT Group: Changes in Software and Techniques
Kaspersky researchers have discovered a new campaign by the Awaken Likho APT group, also known as Core Werewolf, which has been active since at least July 2021. The group is... The post New Campaign by...
View ArticleYunit Stealer: How This Advanced Malware Evades Detection While Stealing Your...
A new cybersecurity threat has emerged, named the “Yunit Stealer,” which is designed to collect a wide array of sensitive data from infected systems. Leveraging advanced JavaScript techniques, Yunit...
View ArticleGoldenJackal Bypasses Air-Gaps in Sophisticated Espionage Campaigns
A new report by Matías Porolli, a malware researcher at ESET, has revealed a series of cyberespionage campaigns executed by the elusive Advanced Persistent Threat (APT) group known as GoldenJackal.......
View ArticlePronsis Loader: The Emerging Threat Behind JPHP-Driven Malware
A recent report by Trustwave’s Threat Intelligence team, led by Cris Tomboc and King Orande, has unveiled a newly identified malware named Pronsis Loader. This malware, which first surfaced in... The...
View ArticleMicrosoft’s October 2024 Patch Tuesday: Zero-Day Exploits and Critical...
Microsoft’s October 2024 Patch Tuesday delivered a crucial set of security updates, addressing a total of 121 vulnerabilities across its ecosystem. This includes three critical vulnerabilities and 114...
View ArticleGlobal Malware Campaign Exploits Lua in Gaming and Education Sectors
A new wave of malware attacks has been uncovered by Morphisec Threat Labs, targeting the educational sector and gaming communities. According to security researcher Shmuel Uzan, these sophisticated...
View ArticleCritical Vulnerabilities Discovered in Siemens SINEC Security Monitor
Siemens has released a new security update for its SINEC Security Monitor, a modular cybersecurity software used for passive, non-intrusive, and continuous monitoring of production environments on...
View ArticleGoogle Pays $55,000 Bounty for Chrome Security Flaw
Google has released a Stable Channel update for Chrome on Windows, Mac, and Linux, bringing the browser to version 129.0.6668.100/.101. The update is expected to roll out over the next... The post...
View ArticleMicrosoft Warns of Sophisticated Identity Phishing Campaigns Misusing File...
Microsoft Threat Intelligence has identified a rising trend of phishing campaigns exploiting legitimate file hosting services like SharePoint, OneDrive, and Dropbox to launch business email compromise...
View ArticleJAXA Cyberattack: Hackers Breach Accounts of Top Officials, Exposing...
The Japan Aerospace Exploration Agency (JAXA) has become the target of a series of sophisticated cyberattacks, resulting in the hijacking of accounts belonging to high-ranking officials, including...
View ArticleUkrainian National Pleads Guilty to Operating Raccoon Infostealer...
A Ukrainian national, Mark Sokolovsky, has pleaded guilty in a federal court in Austin, Texas, to one count of conspiracy to commit computer intrusion. According to court documents, Sokolovsky, 28,......
View ArticleTax Extension Malware Campaign Exploits Trusted GitHub Repositories to...
In a recent report from security researcher Jacob Malimban at Cofense Intelligence, a phishing campaign exploiting GitHub links to bypass Secure Email Gateway (SEG) defenses was detected. This campaign...
View ArticleFirefox Zero-Day Vulnerability: Urgent Update Needed to Patch CVE-2024-9680
In a recent security advisory, the Mozilla Foundation has revealed a zero-day vulnerability in its popular web browser, Firefox. Identified as CVE-2024-9680, the flaw involves a use-after-free...
View ArticleCISA Adds Three Actively Exploited Security Vulnerabilities to KEV Catalog,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three new security flaws to its Known Exploited Vulnerabilities (KEV) catalog, following confirmed reports of active...
View ArticlePalo Alto Networks Issues Fix for Critical Vulnerabilities, Including...
Palo Alto Networks recently issued a security advisory (PAN-SA-2024-0010) detailing several high-severity vulnerabilities affecting its Expedition migration tool, with CVSS scores ranging from 7.0 to...
View ArticleDark Angels Ransomware Group: The Shadowy Threat Behind the Record $75M Ransom
The Dark Angels Ransomware Group has emerged as one of the most sophisticated and stealthy ransomware groups in recent years, focusing on highly targeted attacks against large enterprises. According...
View Article