Newly Unsealed Indictment Charges the Operator of Raccoon Infostealer
On Tuesday, October 25th, 2022, a federal grand jury indictment charges a Ukrainian national, Mark Sokolovsky, 26, also known as P...
22 Years Old Vulnerability in SQLite Allows Arbitrary Code Execution
CVE-2022-35737 is a vulnerability caused by the “Improper Validation of Array Index.” The vulnerability has a ...
Apple Releases Patch for Exploited Zero-Day
Threat actors are actively exploiting the remote code execution vulnerability tagged CVE-2022-42827. On compromised iOS devices, an application may be able...
Ursnif Malware Moving to Ransomware Operations from Bank Account Theft
Ursnif (a.k.a. Gozi), a former banking trojan, has been repurposed as a generic backdoor. Threat actors could use the new va...
Details On The Largest B2B Leak: BlueBleed
As a cyber threat intelligence company, SOCRadar’s mission is to use every possible piece of information to identify and prevent cyber threats targetin...
Collective Cyber Attacks by Hacktivists: What's Going on in Iran?
Iran is under the influence of a massive hacktivism attack that has recently begun and is still ongoing. The protests, which beg...
Sensitive Data of 65,000+ Entities in 111 Countries Leaked due to a Single Misconfigured Data Bucket
SOCRadar has detected that sensitive data of 65,000 entities became public because of a misconfigur...
New Alchimist Framework Targets Windows, macOS, and Linux Systems
Researchers discovered a new post-exploit C2 framework by the name of Alchimist. The framework targets devices using Windows, Lin...
SAP Fixes Critical Vulnerabilities in Commerce and Manufacturing Execution Products
SAP published its Security Patch Day document for October 2022. Five new high-severity security notes and ...
Aruba Released Patches for EdgeConnect's Critical Vulnerabilities
Aruba released security updates to fix several critical vulnerabilities. The vulnerabilities were found in its popular WAN manag...
Microsoft October Patch Tuesday Fixes Actively Exploited Zero Day and 13 Critical Flaws
Microsoft Patch Tuesday for this month fixes a total of 84 vulnerabilities, including an actively exploited zero...
Critical RCE Vulnerability with Max CVSS Score in VM2 Sandbox Library
A critical vulnerability in vm2 might let a remote attacker bypass the sandbox environment and execute shell commands on...
What Do You Need to Know About Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684)?
BidenCash Carding Shop Returns With a Larger Credit Card Dump
[Update] May 17, 2023: BidenCash has started buying and selling SSH credentials. The marketplace is now offering related new services. Add...
Unpatched RCE Vulnerability in Zimbra Actively Exploited
Threat actors actively exploit Zimbra Collaboration Suite in the wild due to an unpatched vulnerability. Tracked as CVE-2022-413...
Eternity Threat Group Distributing Multifunctional LilithBot Malware
LilithBot, a multipurpose malware sample, was found by ThreatLabz. Further investigation indicated that the malware was connected to th...
Cisco Patched High Severity Vulnerabilities in Some Products
Cisco released an advisory to announce fixes for two high-severity vulnerabilities. The vulnerabilities could allow a remote hacker to...
New Spyware RatMilad Targets Middle Eastern Mobile Devices
RatMilad, a newly discovered Android spyware, has been stealing data from mobile devices in the Middle East. The malware is spread thro...
Microsoft SQL Servers Infected by the New Malware: Maggie
Maggie has emerged as a brand-new malware. The backdoor has already spread to hundreds of computers and is specifically designed to attack Mic...
APT Group Lazarus Exploits High Severity Flaw in Dell Driver
The state-sponsored Lazarus group has been using a new strategy called Bring Your Own Vulnerable Driver (BYOVD) attack. The ...