Priya James
CVE/vulnerability
DrayTek Devices Vulnerability Let Attackers Arbitrary Commands Remotely
The DrayTek Gateway devices, more specifically the Vigor2960 and Vigor300B models, are susceptible to a critical command injection vulnerability. Exploitable via the /cgi-bin/mainfunction.cgi/apmcfgupload endpoint, attackers...
Cyber Attack
New Stealthy Malware Leveraging SSH Over TOR Attacking Ukrainian Military
Researchers recently discovered a malicious campaign targeting Ukrainian military personnel through fake "Army+" application websites, which host a malicious installer that, upon execution, extracts...
CVE/vulnerability
CISA Warns of Palo Alto Networks PAN-OS Vulnerability Exploited in Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority alert on a critical vulnerability in Palo Alto Networks PAN-OS.Tracked as CVE-2024-3393, this...
Cyber Security News
US Treasury Department Breach, Hackers Accessed Workstations
The Biden administration confirmed that a Chinese state-sponsored hacking group breached the U.S. Treasury Department, gaining unauthorized access to employee workstations and unclassified documents.This...
CVE/vulnerability
TrueNAS CORE Vulnerability Let Attackers Execute Remote Code
Security researchers Daan Keuper, Thijs Alkemade, and Khaled Nassar from Computest Sector 7 disclosed a critical vulnerability in TrueNAS CORE, a widely-used open-source storage...
Botnet
New Botnet Exploiting D-Link Routers To Gain Control Remotely
Researchers observed a recent surge in activity from the "FICORA" and "CAPSAICIN," both variants of Mirai and Kaiten, respectively, which exploit known vulnerabilities in...
Cyber Attack
Hackers Weaponize Websites With LNK File To Deliver Weaponized LZH File
The watering hole attack leverages a compromised website to deliver malware. When a user visits the infected site, their system downloads an LZH archive...
Cyber Security News
NFS Protocol Security Bypassed To Access Files From Remote Server
The NFS protocol offers authentication methods like AUTH_SYS, which relies on untrusted user IDs, and Kerberos, providing cryptographic verification. While Kerberos offers strong security, its...
Join our community of SUBSCRIBERS and be part of the conversation.
To subscribe, simply enter your email address on our website or click the subscribe button below. Don't worry, we respect your privacy and won't spam your inbox. Your information is safe with us.