Critical QNAP Vulnerabilities in Notes Station 3 and QuRouter Demand Immediate Patching (CVE-2024-38645, CVE-2024-38643, CVE-2024-48860)
Nov 26, 2024
Categories
Top Articles
Perfctl Campaign Exploits Millions of Linux Servers for Crypto Mining and Proxyjacking
Nov 25, 2024
NodeStealer’s Evolution: A Growing Threat to Facebook Accounts and Beyond
Nov 22, 2024
Financial Software Company Finastra Investigates Recent Security Incident
Nov 21, 2024
Privilege Escalation Risks in ‘needrestart’ Utility Threaten Linux Systems; OSS-Fuzz Finds 26 Hidden Flaws
Nov 21, 2024
Oct 05, 2022
Optus Confirms Nearly 2.1M Australian Telecom Users' Data was Exposed ...
Optus Confirms Nearly 2.1M Australian Telecom Users’ Data was Exposed Optus disclosed a data leak involving nearly 2.1 million customer records. Customers’ personal information, includin...
Learn More
Oct 04, 2022
Top 20 Cybersecurity Podcasts You Must Follow in 2022
Top 20 Cybersecurity Podcasts You Must Follow in 2022 Every day brings new trends and threats with it. To keep yourself, your devices, and your business safe, it is advisable to be aware of changes in...
Learn More
Oct 04, 2022
Comm100 Installer Abused in Supply Chain Attack to Distribute Malware ...
Comm100 Installer Abused in Supply Chain Attack to Distribute Malware The Comm100 Live Chat application was subject to a supply chain attack in the very last days of September. A trojanized installe...
Learn More
Oct 03, 2022
Ransomware Gangs Targeting US Critical Infrastructure
Ransomware Gangs Targeting US Critical Infrastructure Last week, notorious ransomware gangs made a splash again by targeting US critical infrastructures. One of the threat actors that victimized the d...
Learn More
Oct 03, 2022
SolarMarker Distributes Malware Via Fake Chrome Updates
SolarMarker Distributes Malware Via Fake Chrome Updates Threat actors related to SolarMarker strike with watering hole attacks as a new method of delivering malware rather than the previously used SEO...
Learn More
Sep 30, 2022
Threat Actors Exploit Unpatched Microsoft Exchange Zero-Days (ProxyNot...
Threat Actors Exploit Unpatched Microsoft Exchange Zero-Days (ProxyNotShell) Security experts caution about actively exploited zero-day vulnerabilities in Microsoft Exchange servers. The flaws could a...
Learn More
Sep 29, 2022
Brute Ratel C4 Toolkit Gets Cracked and Distributed Online
Brute Ratel C4 Toolkit Gets Cracked and Distributed Online The cracked version of Brute Ratel C4 (BRC4) is currently being distributed on hacker platforms for free. Posts spreading it have been seen i...
Learn More
Sep 28, 2022
Critical WhatsApp Vulnerabilities Allow Attackers Remote Device Hackin...
Critical WhatsApp Vulnerabilities Allow Attackers Remote Device Hacking WhatsApp’s September security update fixes two high-severity flaws that could result in remote code execution. T...
Learn More
Sep 28, 2022
Threat Actors Impersonate GitHub, Zoom, and Cloudflare to Steal User I...
Threat Actors Impersonate GitHub, Zoom, and Cloudflare to Steal User Information Hackers frequently look for ways to trick users and organizations, as the weakest link in security is the human factor....
Learn More
Sep 27, 2022
Exmatter Tool Provides a New Strategy for Extortion
Exmatter Tool Provides a New Strategy for Extortion Data exfiltration malware Exmatter, previously associated with the BlackMatter ransomware gang, now has data corruption capabilities. This could sig...
Learn More
Sep 27, 2022
Threat Actors Utilize PowerPoint Files to Distribute Graphite Malware
Threat Actors Utilize PowerPoint Files to Distribute Graphite Malware Threat actors started utilizing PowerPoint presentations as a code execution method and delivering Graphite malware in targeted at...
Learn More
Sep 26, 2022
FARGO Ransomware Targets Vulnerable Microsoft SQL Servers
FARGO Ransomware Targets Vulnerable Microsoft SQL Servers Microsoft SQL database servers are the target of a new ransomware attack campaign called FARGO ransomware. FARGO, also known as TargetCom...
Learn More
Sep 26, 2022
Sophos Firewall Patch Released for Actively Exploited Zero-Day RCE Vul...
Sophos Firewall Patch Released for Actively Exploited Zero-Day RCE Vulnerability Sophos released a patch for a flaw discovered in their firewall product. Tracked as CVE-2022-3236 (CVSS score...
Learn More
Sep 23, 2022
A New Attack Wave Targeting Critical Magento Vulnerability
A New Attack Wave Targeting Critical Magento Vulnerability E-commerce platform Magento has become a frequent target for hackers. More attempts have been made to exploit CVE-2022-24086&n...
Learn More
Sep 23, 2022
CISA Urges to Patch ManageEngine Against RCE Vulnerability
CISA Urges to Patch ManageEngine Against RCE Vulnerability CISA has added a new critical vulnerability to its Known Exploited Vulnerabilities Catalog. The flaw exists in several ManageEngine prod...
Learn More
Sep 22, 2022
Python Flaw Unfixed for 15 Years: 350,000 Projects Deemed Vulnerable
Python Flaw Unfixed for 15 Years: 350,000 Projects Deemed Vulnerable A flaw in the Python tarfile module has gone unfixed for 15 years. 350,000 open-source projects are considered vulnerable. The fla...
Learn More
Sep 22, 2022
Threat Actors Exploit Atlassian Confluence RCE Flaw to Install Crypto ...
Threat Actors Exploit Atlassian Confluence RCE Flaw to Install Crypto Miners Unpatched Atlassian Confluence Server instances are vulnerable to a critical RCE flaw. The flaw, tracked as CVE-2...
Learn More
Sep 21, 2022
$162M Stolen from Digital Asset Trader Wintermute
$162M Stolen from Digital Asset Trader Wintermute Evgeny Gaevoy, the CEO of Wintermute, said earlier today that the company had been hacked and had lost $162.2 million in DeFi operations. The Profani...
Learn More
Sep 21, 2022
Cobalt Strike Rolls Out an Update for XSS Vulnerability
Cobalt Strike Rolls Out an Update for XSS Vulnerability Cobalt Strike 4.7.1 out-of-band update fixed an issue in version 4.7 that the affected users reported. There was no workaround for the problem. ...
Learn More
Sep 20, 2022
Highlights from SOCRadar Cyberwatch September Webinar
Highlights from SOCRadar Cyberwatch September Webinar The first of SOCRadar’s Cyberwatch webinar series took place yesterday. Cyberwatch September, which covers significant cyber incidents, emer...
Learn More
