1,800 Apps with Hardcoded AWS Credentials Show Supply Chain Risks
More than 1,800 mobile applications have hardcoded AWS credentials, according to Symantec, which has issued a warning about the p...
Spyware Firm Sold Android and iOS RCE Exploit for €8 Million
Intellexa, a spyware firm that originated in Greece, has entered the market recently. Its work is similar to Pegasus Spyware and offers RCE...
Malicious Chrome Extensions Could Affect More Than 1.4 Million Users
McAfee researchers discovered several malicious Google Chrome extensions. The total download count for the extensions is over 1.4 m...
Critical RCE Vulnerability in the Atlassian Bitbucket Server and Data Center
Atlassian recently issued a security advisory to notify Bitbucket Server and Data Center users about a critical v...
Twilio and MailChimp Attackers Hit 130 Organizations with Okta Phishing Campaign
A larger phishing campaign that targeted 136 organizations and resulted in the theft of 9,931 account login ...
Threat Actors Stole LastPass Source Code Through a Compromised Developer Account
On 25th August, LastPass announced a breach and stated that its source code was stolen, along with some technical infor...
IBM Fixes Security Bypass Vulnerabilities Discovered in MQ Software
IBM released security updates for two critical vulnerabilities in its message-oriented middleware IBM MQ. The vulnerabilities, ident...
Patch Available for Important LPE Vulnerability in VMware Tools
A security flaw identified in VMware Tools could lead to local privilege escalation attacks. A remote attacker with initial access can s...
Critical RCE Flaw Fixed in New Versions of GitLab
GitLab released patches that fix a critical remote code execution vulnerability. It is labeled CVE-2022-2884 with a CVSS score of 9....
Hackers Utilize AWS to Launch Phishing Attacks
Phishing attacks are being launched by hackers using a tactic called Static Expressway. The newly-spread tactic lets hackers get their emails past Amazon...
Major Cyberattacks in Review: July 2022
Today’s world has many cyberattack targets, including large organizations, small businesses, and individuals. Any action, no matter how small, can put yo...
LockBit Allegedly DDoSed After Leaking Entrust's Data
IT security company Entrust suffered a cyberattack on June 18. Attackers gained unauthorized access to the company’s network to r...
Fixed Flaw in Fishbowl Inventory Could Lead to RCE
Researchers identified a Java deserialization flaw in a Fishbowl Inventory instance that could result in remote code execution. The vulnerability is ...
New Zero-Day Vulnerabilities in Apple and Google Products
Apple issued security updates to fix zero-day vulnerabilities that were reportedly being actively exploited. The vulnerabilities could let an ...
Exploit Code of Critical Realtek SDK Vulnerability Released
Exploit code is accessible for the Realtek eCos SDK’s high severity security flaw. The flaw could allow unauthenticated remote atta...
MailChimp Breached Shortly After Twilio Incident
DigitalOcean became aware of a breach after MailChimp suddenly suspended its account on August 8. A recent security breach at MailChimp allowed users’ ...
Banking Trojan SOVA Has New Version with Updated Features
SOVA was announced as an Android banking trojan back in September 2021. Although it is currently under development, it already offer...
Top 10 Data Breaches So Far in 2022
Data breach cases are increasing as cyber security incidents rise. According to statistics, more than 90% of data breaches are caused by cyber-attacks. However, dat...
Could China – Taiwan Cyber Conflict Deepen the Global Chip Crisis?
The US House of Representatives speaker Nancy Pelosi arrived in Taiwan on the evening of August 2. She’s the first US represent...
Vulnerability Affecting Some Palo Alto Products Allows RDoS Attacks
A service provider recently notified Palo Alto Networks about an attempted reflected denial-of-service (RDoS) attack. The ...