CVE/vulnerability
CISA Warns of Critical Palo Alto Networks Vulnerability Exploited in Attacks
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns organizations of a critical vulnerability in Palo Alto Networks' Expedition tool, which could lead to severe security breaches.The vulnerability,...
CVE/vulnerability
Cisco Desk Phone Series Vulnerability Lets Remote Attacker Access Sensitive Information
A significant vulnerability (CVE-2024-20445) has been discovered in Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 that...
Cisco
Cisco Flaw Let Attackers Run Command as Root User
A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points.This flaw tracked...
Cyber Crime
Researchers Detailed Credential Abuse Cycle
The United States Department of Justice has unsealed an indictment against Anonymous Sudan, a hacking group responsible for distributed denial-of-service attacks. LameDuck, a new threat...
Cyber Crime
Rise Of Ransomware-As-A-Service Leads To Decline Of Custom Tools
Ransomware-as-a-Service (RaaS) platforms have revolutionized the ransomware market.Unlike traditional standalone ransomware sales, RaaS offers a subscription-based model where attackers can access pre-built ransomware...
Cryptocurrency hack
North Korean Hackers Employing New Tactic To Acruire Remote Jobs
North Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics, enhancing the obfuscation of their scripts to evade detection. InvisibleFerret...
Cyber Attack
CRON#TRAP Campaign Attacks Windows Machine With Weaponized Linux Virtual Machine
Weaponized Linux virtual machines are used for offensive cybersecurity purposes, such as "penetration testing" or "exploiting vulnerabilities."These setups often use the tools and frameworks...
Cyber Crime
HookBot Malware Use Overlay Attacks Impersonate As Popular Brands To Steal Data
The HookBot malware family employs overlay attacks to trick users into revealing sensitive information by impersonating various brands and apps to gain trust. It...
Android
ToxicPanda Banking Malware Attacking Banking Users To Steal Logins
Recent research has uncovered a new strain of malware developed for Android devices, initially misidentified as TgToxic. Despite sharing some bot command similarities, this malware,...
Azure
Azure API Management Vulnerabilities Let Attackers Escalate Privileges
Recent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and...
Chrome
Google Patches High-Severity Vulnerabilities in Chrome
Google has released a new update for its Chrome browser, addressing two high-severity vulnerabilities.The Stable channel has now been updated to version 130.0.6723.116/.117 for Windows...