Hackers Exploit Old Microsoft Office 0-day to Deliver Cobalt Strike
Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine.It has been closely...
Multiple MySQL2 Flaw Let Attackers Arbitrary Code Remotely
The widely used MySQL2 has been discovered to have three critical vulnerabilities: remote Code execution, Arbitrary code injection, and Prototype Pollution.These vulnerabilities have been...
Ransomware Victims Who Opt To Pay Ransom Hits Record Low
Law enforcement operations disrupted BlackCat and LockBit RaaS operations, including sanctions on LockBit members aiming to undermine affiliate confidence.In response, LockBit publicly exposed an...
PoC Exploit Released For Critical Oracle VirtualBox Vulnerability
Oracle Virtualbox was identified and reported as having a critical vulnerability associated with Privilege Escalation and Arbitrary File Move/Delete.This vulnerability was assigned with CVE-2024-21111,...
Windows MagicDot Path Flaw Lets Attackers Gain Rootkit-Like Abilities
A new vulnerability has been unearthed, allowing attackers to gain rootkit-like abilities on Windows systems without requiring administrative privileges.Dubbed "MagicDot," this vulnerability exploits the...
FGVulDet – New Vulnerability Detector to Analyze Source Code
Detecting source code vulnerabilities aims to protect software systems from attacks by identifying inherent vulnerabilities. Prior studies often oversimplify the problem into binary classification tasks,...
Operation MidnightEclipse: Hackers Actively Exploiting Palo Alto Networks Zero-Day Flaw
The Palo Alto Networks PAN-OS software has a critical command injection vulnerability that allows an unauthorized attacker to run arbitrary code on the firewall with...
Ex-Security Engineer Jailed For Hacking Decentralized Cryptocurrency Exchanges
Ahmed exploited a vulnerability in a decentralized cryptocurrency exchange's smart contract by injecting fabricated pricing data, which triggered the generation of inflated fees totaling...
.webp "Microsoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE Attacks")
Microsoft .NET, .NET Framework, & Visual Studio Vulnerable To RCE Attacks
A new remote code execution vulnerability has been identified to be affecting multiple Microsoft products including .NET, .NET Framework and Visual Studio.This vulnerability...
Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild
In a recent security bulletin, Palo Alto Networks disclosed a critical vulnerability in its GlobalProtect Gateway, identified as CVE-2024-3400. This flaw, rooted in the...
Managed WAF protection
.webp "Forex Copy Trading – Essentials To Know Before A Trade")