Perfctl Campaign Exploits Millions of Linux Servers for Crypto Mining and Proxyjacking
Nov 25, 2024
Categories
Top Articles
NodeStealer’s Evolution: A Growing Threat to Facebook Accounts and Beyond
Nov 22, 2024
Financial Software Company Finastra Investigates Recent Security Incident
Nov 21, 2024
Privilege Escalation Risks in ‘needrestart’ Utility Threaten Linux Systems; OSS-Fuzz Finds 26 Hidden Flaws
Nov 21, 2024
Apple, Oracle, and Apache Issue Critical Updates for Actively Exploited and High-Risk Vulnerabilities
Nov 20, 2024
Mar 07, 2023
SOCRadar is the Gold Winner of Three Cybersecurity Excellence Awards
SOCRadar is the Gold Winner of Three Cybersecurity Excellence Awards We are thrilled to announce that SOCRadar, a leading provider of cyber threat intelligence solutions, has been awarded in three cat...
Learn More
Mar 07, 2023
PoC Available for Critical RCE Vulnerability in Microsoft Word (CVE-20...
PoC Available for Critical RCE Vulnerability in Microsoft Word (CVE-2023-21716) CVE-2023-21716 was discovered in Microsoft Word last year. It is a critical remote code execution (RCE) vulnerability in...
Learn More
Mar 02, 2023
Aruba Networks Fixes Six Critical RCE Vulnerabilities Affecting ArubaO...
Aruba Networks Fixes Six Critical RCE Vulnerabilities Affecting ArubaOS In a recent security advisory, Aruba Networks disclosed thirty-three vulnerabilities. Six of them were rated as critical. The vu...
Learn More
Feb 27, 2023
Fix Available for Double Free Vulnerability in OpenSSH 9.1 (CVE-2023-2...
Fix Available for Double Free Vulnerability in OpenSSH 9.1 (CVE-2023-25136) CVE-2023-25136, a pre-authentication double-free vulnerability, has been fixed in OpenSSH version 9.2p1. The vulnerabil...
Learn More
Feb 22, 2023
VMware Fixes Critical Vulnerability in Carbon Black App Control (CVE-2...
VMware Fixes Critical Vulnerability in Carbon Black App Control (CVE-2023-20858) VMware has recently rolled out a patch to address a critical vulnerability in its Carbon Black App Control product, whi...
Learn More
Feb 20, 2023
Fortinet Patched Critical RCE Vulnerabilities in FortiNAC and FortiWeb...
Fortinet Patched Critical RCE Vulnerabilities in FortiNAC and FortiWeb: CVE-2022-39952 and CVE-2021-42756 [February 23, 2023] Update: The vulnerability has been exploited. Added the subheading“FortiNA...
Learn More
Feb 16, 2023
Atlassian Hacked: SiegedSec Hacker Group Leaks Company's Data
Atlassian Hacked: SiegedSec Hacker Group Leaks Company’s Data As a late Valentine’s Day hack, a hacker group called “SiegedSec” claims to have hacked software company Atlassian. The group leaked the c...
Learn More
Feb 15, 2023
Microsoft Fixes 3 Actively Exploited Zero-Day in February Patch Tuesda...
Microsoft Fixes 3 Actively Exploited Zero-Day in February Patch Tuesday Three actively exploited zero-day vulnerabilities and a total of 75 flaws are fixed by Microsoft’s security updates and Pa...
Learn More
Feb 14, 2023
Cloudflare Thwarts Largest DDoS Attack on Record: 71M Requests
Cloudflare Thwarts Largest DDoS Attack on Record: 71M Requests Cloudflare has blocked dozens of hyper-volumetric DDoS attacks aimed at its customers over the weekend. With 71 million requests per seco...
Learn More
Feb 10, 2023
Patch Released for CVE-2023-25194 RCE Vulnerability in Apache Kafka
Patch Released for CVE-2023-25194 RCE Vulnerability in Apache Kafka The most recent patch for Apache Kafka fixes an unsafe Java deserialization vulnerability. The vulnerability, tr...
Learn More
Feb 09, 2023
Cybercriminals Seek to Turn Humanitarian Crisis Into Opportunity
Cybercriminals Seek to Turn Humanitarian Crisis Into Opportunity On Monday, February 6, 2023, Turkey and Syria woke up to the morning of a major natural disaster. Two devastating earthquakes, 7.7...
Learn More
Feb 08, 2023
Decryptors Available for the ESXiArgs Incidents and Cl0p Ransomware Va...
Decryptors Available for the ESXiArgs Incidents and Cl0p Ransomware Variants Researchers have developed decryptors for some recent ransomware operations. The specific ransomware operations use Cl0p EL...
Learn More
Feb 02, 2023
1,200 Redis Servers Infected by New HeadCrab Malware for Cryptomining ...
1,200 Redis Servers Infected by New HeadCrab Malware for Cryptomining Operations A new malware has appeared on the frontlines, targeting online Redis servers. The malware, named HeadCrab by researcher...
Learn More
Jan 31, 2023
134M Exploit Attempts: Realtek RCE Vulnerability Targeted in Large-Sca...
134M Exploit Attempts: Realtek RCE Vulnerability Targeted in Large-Scale Attacks Threat actors stepped up their efforts to exploit a remote code execution vulnerability in the Realtek Jungle SDK&...
Learn More
Jan 27, 2023
Yandex Code Repositories Leaked Allegedly by Former Employee
Yandex Code Repositories Leaked Allegedly by Former Employee Yandex, a Russian technology company and popular search engine, has had its source code repositories leaked on a hacker forum. Ac...
Learn More
Jan 25, 2023
VMware Patches Critical RCE Vulnerabilities in vRealize Log Insight
VMware Patches Critical RCE Vulnerabilities in vRealize Log Insight UPDATE (February 1, 2023): Proof-of-concept (PoC) code for a VMware vRealize Log Insight vulnerability chain has been made available...
Learn More
Jan 24, 2023
Remote Code Execution Vulnerability in Microsoft Teams
Remote Code Execution Vulnerability in Microsoft Teams Researchers discovered an RCE vulnerability in Microsoft Teams during Pwn2Own 2022. The application is used by a wide range of people, ...
Learn More
Jan 23, 2023
Attackers Exploit Fortinet Zero-Day CVE-2022-42475 with BoldMove Malwa...
Attackers Exploit Fortinet Zero-Day CVE-2022-42475 with BoldMove Malware Researchers have discovered a sophisticated new BoldMove malware created specifically to operate on FortinetR...
Learn More
Jan 20, 2023
PayPal Reveals Credential Stuffing Attack That Affected 35K Users
PayPal Reveals Credential Stuffing Attack That Affected 35K Users PayPal has disclosed that it was hit by a credential stuffing attack last month. The online payment platform notifies all us...
Learn More
Jan 19, 2023
CISA Warns for Vulnerabilities in Industrial Control Systems (ICS)
CISA Warns for Vulnerabilities in Industrial Control Systems (ICS) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns about multiple security vulnerabilities in GE D...
Learn More
