Critical QNAP Vulnerabilities in Notes Station 3 and QuRouter Demand Immediate Patching (CVE-2024-38645, CVE-2024-38643, CVE-2024-48860)
Nov 26, 2024
Categories
Top Articles
Perfctl Campaign Exploits Millions of Linux Servers for Crypto Mining and Proxyjacking
Nov 25, 2024
NodeStealer’s Evolution: A Growing Threat to Facebook Accounts and Beyond
Nov 22, 2024
Financial Software Company Finastra Investigates Recent Security Incident
Nov 21, 2024
Privilege Escalation Risks in ‘needrestart’ Utility Threaten Linux Systems; OSS-Fuzz Finds 26 Hidden Flaws
Nov 21, 2024
Aug 12, 2022
Over 1,000 Zimbra Servers Compromised by Auth Bypass Vulnerability
Over 1,000 Zimbra Servers Compromised by Auth Bypass Vulnerability Zimbra Collaboration Suite (ZCS) was found to have an actively exploited authentication bypass vulnerability. The vulnerability is tr...
Learn More
Aug 11, 2022
SOCRadar's Free IOC Search & Enrichment Service is Now Available
SOCRadar’s Free IOC Search & Enrichment Service is Now Available IOCs are a vital component of the threat hunting process, essential to detect and isolate advanced cyber threats. As a critic...
Learn More
Aug 11, 2022
How Did Cisco Get Hacked, What Was Leaked, and What Did We Learn?
How Did Cisco Get Hacked, What Was Leaked, and What Did We Learn? ...
Learn More
Aug 10, 2022
Traffic Light Protocol is Updated to Version 2.0
Traffic Light Protocol is Updated to Version 2.0 The Forum of Incident Response and Security Teams (FIRST) has shared an update for Traffic Light Protocol (TLP), denominating the latest version a...
Learn More
Aug 10, 2022
Microsoft Fixes 121 Security Flaws in August Patch Tuesday
Microsoft Fixes 121 Security Flaws in August Patch Tuesday In this month’s Patch Tuesday, Microsoft fixed 121 flaws in total, including two zero-day vulnerabilities that are actively exploited. ...
Learn More
Aug 09, 2022
Why are Russian Threat Actors Targeting Azerbaijan?
Why are Russian Threat Actors Targeting Azerbaijan? Since the start of the Russian invasion of Ukraine, Ukrainian organizations have been bombarded with cyberattacks executed by Russian threat actors....
Learn More
Aug 09, 2022
Critical Vulnerabilities in Exim Email Server Allow RCE
Critical Vulnerabilities in Exim Email Server Allow RCE Two critical vulnerabilities discovered in the open source email server Exim threaten over 500,000 email servers. One of the vulnerabilities all...
Learn More
Aug 08, 2022
Linux Malware RapperBot Brute Forcing SSH Servers
Linux Malware RapperBot Brute Forcing SSH Servers RapperBot is an IoT botnet malware that has spread through brute force since it was first identified in June 2022. Over 3,500 unique IPs were utilized...
Learn More
Aug 05, 2022
Gartner: EASM and DRPS Services Rise in the Market
Gartner: EASM and DRPS Services Rise in the Market Gartner shared HypeCyclefor Security Operations, 2022, which it publishes periodically and aims to provide insight into cyber security operations and...
Learn More
Aug 05, 2022
Dark Utilities Platform Provides C2 Server for Threat Actors
Dark Utilities Platform Provides C2 Server for Threat Actors Cybercriminals can now use a new service called Dark Utilities to build up a command and control (C2) center for their malicious activities...
Learn More
Aug 04, 2022
Cisco Fixed RCE and Command Injection Flaws in VPN Router Series
Cisco Fixed RCE and Command Injection Flaws in VPN Router Series Cisco released fixes for several vulnerabilities in its VPN routers. Affected products could be subject to remote code execution, comma...
Learn More
Aug 03, 2022
IBM Report: Data Breach Costs Higher Than Ever
IBM Report: Data Breach Costs Higher Than Ever IBM has published the Cost of a Data Breach report, which reveals how organizations from different industries are affected by data breaches and set futur...
Learn More
Aug 03, 2022
VMware Fixes Critical Vulnerabilities Including RCE and Authentication...
VMware Fixes Critical Vulnerabilities Including RCE and Authentication Bypass With the security update released Tuesday, VMware fixed ten vulnerabilities affecting some of its products. One is the aut...
Learn More
Aug 02, 2022
Banking Trojans Distributed on Google Play Store in DawDropper Campaig...
Banking Trojans Distributed on Google Play Store in DawDropper Campaign Cybersecurity researchers have uncovered a new campaign to distribute banking trojans on the Google Play Store. These ̶...
Learn More
Jul 29, 2022
Vulnerabilities in Atlassian Confluence Actively Exploited
Vulnerabilities in Atlassian Confluence Actively Exploited The critical hard-coded credentials flaw in Atlassian’s Questions For Confluence app (CVE-2022-26138) has been actively explo...
Learn More
Jul 28, 2022
Threats of Commercialized Malware: Knotweed
Threats of Commercialized Malware: Knotweed Microsoft associates the private sector offensive actor (PSOA) Knotweed with the Austrian spyware distributor DSIRF. DSIRF, founded in 2016, advertises...
Learn More
Jul 27, 2022
Ducktail Malware Targets Facebook Business Accounts via LinkedIn Phish...
Ducktail Malware Targets Facebook Business Accounts via LinkedIn Phishing Attack A new phishing attempt with the codename Ducktail is in progress and targets LinkedIn users who work in the field to hi...
Learn More
Jul 26, 2022
Zero-Day Security Flaw Exploited in PrestaShop Websites
Zero-Day Security Flaw Exploited in PrestaShop Websites Attackers discovered a way to exploit a vulnerability in PrestaShop servers. The actively exploited zero-day, CVE-2022-36408, allows attackers t...
Learn More
Jul 25, 2022
SonicWall Released Hotfix for Critical SQL Injection Flaw
SonicWall Released Hotfix for Critical SQL Injection Flaw A severe SQL injection vulnerability has been reported by network security vendor SonicWall in their security advisory. It affects the&nb...
Learn More
Jul 22, 2022
Cisco Released Patches for Multiple Nexus Dashboard Vulnerabilities
Cisco Released Patches for Multiple Nexus Dashboard Vulnerabilities Cisco announced that it has released security updates for vulnerabilities detected in the Nexus Dashboard. The security flaws i...
Learn More
