CVE/vulnerability
Windows 11 BitLocker Bypassed to Extract Encryption Keys
An attacker with physical access can abruptly restart the device and dump RAM, as analysis of this memory may reveal FVEK keys from recently running Windows instances, compromising data...
Cyber Security News
ConvoC2 – A Red Teamers Tool To Execute Commands on Hacked Hosts Via Microsoft Teams
A stealthy Command-and-Control (C2) infrastructure Red Team tool named ConvoC2 showcases how cyber attackers can exploit Microsoft Teams to execute system commands on compromised...
Cyber Security News
Cloudflare Developer Domains Abused For Cyber Attacks
Cloudflare Pages, a popular web deployment platform, is exploited by threat actors to host phishing sites, as attackers leverage Cloudflare's trusted infrastructure, global CDN,...
Cyber Security News
Hackers Cloning Websites, Exploiting RCE Flaws To Gain Access To Shopping Platforms
Cybercriminals are leveraging AI-powered phishing attacks, website cloning tools, and RCE exploits to target e-commerce platforms during the holiday season, which allow attackers to...
Cyber Security News
Hackers Exploited Windows Event Logs Tool For Log Manipulation And Data Exfiltration
wevtutil.exe, a Windows Event Log management tool, can be abused for LOLBAS attacks. By manipulating its capabilities, attackers can execute arbitrary commands, download malicious...
Cyber Security News
Chinese APT Hackers Using Multiple Tools And Vulnerabilities To Attack Telecom Orgs
Earth Estries, a Chinese APT group, has been actively targeting critical sectors like telecommunications and government entities since 2023. They employ advanced techniques, including exploiting...
Cyber Security News
Beware Of SpyLoan Apps Exploiting Social Engineering To Steal User Data
SpyLoan apps, a type of PUP, are rapidly increasing, exploiting social engineering to deceive users into granting excessive permissions, where these apps, installed millions...
Cyber Security News
Embargo Ransomware Actors Abuse Safe Mode To Disable Security Solutions
In July 2024, the ransomware group Embargo targeted US companies using the malicious loader MDeployer and EDR killer MS4Killer. MDeployer deployed MS4Killer, which disabled security...
CVE/vulnerability
SMB Force-Authentication Vulnerability Impacts All OPA Versions For Windows
Open Policy Agent (OPA) recently patched a critical vulnerability that could have exposed NTLM credentials of the OPA server's local user account to remote...
Cyber Security News
Hackers Exploiting Selenium Grid Tool To Deploy Exploit Kit & Proxyjacker
Two campaigns targeting Selenium Grid's default lack of authentication are underway, as threat actors are exploiting this vulnerability to deploy malicious payloads, including exploit...
Cyber Crime
Threat Actors Exploiting Legitimate Software For Stealthy Cyber Attacks
CAMO, or Commercial Applications, Malicious Operations, highlights attackers' increasing reliance on legitimate IT tools to bypass security defenses, which can be used for various...