NodeStealer’s Evolution: A Growing Threat to Facebook Accounts and Beyond
Nov 22, 2024
Categories
Top Articles
Financial Software Company Finastra Investigates Recent Security Incident
Nov 21, 2024
Privilege Escalation Risks in ‘needrestart’ Utility Threaten Linux Systems; OSS-Fuzz Finds 26 Hidden Flaws
Nov 21, 2024
Apple, Oracle, and Apache Issue Critical Updates for Actively Exploited and High-Risk Vulnerabilities
Nov 20, 2024
Exploited PAN-OS Zero-Days Threaten Thousands of Firewalls (CVE-2024-0012 and CVE-2024-9474)
Nov 19, 2024
Jun 18, 2024
VMware vCenter Server Updates Address Critical RCE and Privilege Escal...
VMware vCenter Server Updates Address Critical RCE and Privilege Escalation Vulnerabilities (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) Broadcom has released a security update for its popular man...
Learn More
Jun 12, 2024
Microsoft’s June 2024 Patch Tuesday Highlights KeyTrap Zero-Day, Criti...
Microsoft’s June 2024 Patch Tuesday Highlights KeyTrap Zero-Day, Critical MSMQ Flaw; Windows LPE Exploit [Update] October 15, 2024: “PoC Exploit Released for CVE-2024-35250” [Update] October 14, 2024...
Learn More
Jun 11, 2024
Major Cyber Attacks in Review: May 2024
Major Cyber Attacks in Review: May 2024 May 2024 saw several major cyber attacks across diverse sectors, including cryptocurrency, cloud services, and online archives. Notable incidents include the $3...
Learn More
Jun 10, 2024
Malvertising Campaign Targets Windows Administrators Using PuTTy and W...
Malvertising Campaign Targets Windows Administrators Using PuTTy and WinSCP An AI illustration of the malvertising campaign using PuTTy and WinSCP In the ever-evolving landscape of digital security...
Learn More
Jun 07, 2024
Grandoreiro Malware Campaign: A Global Threat to Banking Security
Grandoreiro Malware Campaign: A Global Threat to Banking Security The Grandoreiro banking trojan was first observed in 2016. This threat is described as a highly sophisticated and adaptive Windows-bas...
Learn More
Jun 05, 2024
Zyxel NAS Devices’ EoL Models Patched for Critical Code Execution Vuln...
Zyxel NAS Devices’ EoL Models Patched for Critical Code Execution Vulnerabilities: CVE-2024-29972, CVE-2024-29973, CVE-2024-29974 [Update] June 24, 2024: “Critical Zyxel NAS Vulnerability (CVE-2024-29...
Learn More
Jun 02, 2024
Overview of the Snowflake Breach: Threat Actor Offers Data of Cloud Co...
Overview of the Snowflake Breach: Threat Actor Offers Data of Cloud Company’s Customers This blog actively documents significant updates related to the Snowflake Breach. Latest update: “DOJ Indictment...
Learn More
May 31, 2024
New in CISA KEV: Check Point VPN Zero-Day CVE-2024-24919 & Linux Kerne...
New in CISA KEV: Check Point VPN Zero-Day CVE-2024-24919 & Linux Kernel Flaw CVE-2024-1086 The U.S. Cybersecurity and Infrastructure Agency (CISA) updated its Known Exploited Vulnerabilities (KEV)...
Learn More
May 31, 2024
GuptiMiner Campaign: The Trojan Tango of Infiltrating Antivirus Update...
GuptiMiner Campaign: The Trojan Tango of Infiltrating Antivirus Updates for Deception The GuptiMiner malware campaign is creating significant disruption in the cybersecurity landscape by exploiting a ...
Learn More
May 30, 2024
Progress Telerik Report Server Receives Security Update for Critical A...
Progress Telerik Report Server Receives Security Update for Critical Auth Bypass Vulnerability, CVE-2024-4358 [Update] June 14, 2024: “CISA Adds CVE-2024-4358 to Known Exploited Vulnerabilities Catalo...
Learn More
May 29, 2024
PoC Exploit for CVE-2024-4956 in Sonatype Nexus Repository 3 Draws Thr...
PoC Exploit for CVE-2024-4956 in Sonatype Nexus Repository 3 Draws Threat Actors’ Attention Sonatype recently released a security advisory alerting users to a high-severity security vulnerabilit...
Learn More
May 27, 2024
New Cyber Attack Campaign Bombarding Organizations with Fake Emails an...
New Cyber Attack Campaign Bombarding Organizations with Fake Emails and Phone Calls The cyber threat landscape is always changing, with attackers using new methods to get into organizations and exploi...
Learn More
May 24, 2024
CVE-2020-17519 in Apache Flink Enters CISA’s KEV Catalog & GitLab ...
CVE-2020-17519 in Apache Flink Enters CISA’s KEV Catalog & GitLab Patches XSS Flaw, CVE-2024-4835 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently updated its Known Ex...
Learn More
May 24, 2024
DNSBomb: A New DoS Threat Targeting Critical Internet Infrastructure
DNSBomb: A New DoS Threat Targeting Critical Internet Infrastructure Illustrative Image – Generated by DALL-E ...
Learn More
May 22, 2024
Atlassian and Ivanti Address Critical Vulnerabilities in May Updates: ...
Atlassian and Ivanti Address Critical Vulnerabilities in May Updates: CVE-2024-21683, CVE-2023-4759, CVE-2024-29822, and More [Update] October 3, 2024: “CISA Added Ivanti EPM Vulnerability (CVE-...
Learn More
May 22, 2024
Critical Patch for Veeam Backup Enterprise Manager (VBEM): CVE-2024-29...
Critical Patch for Veeam Backup Enterprise Manager (VBEM): CVE-2024-29849 Could Allow Account Takeover [Update] June 10, 2024: “PoC Exploit Released for the Critical CVE-2024-29849 Vulnerability in Ve...
Learn More
May 21, 2024
Critical Auth Bypass in GitHub Enterprise Server, CVE-2024-4985; PoC A...
Critical Auth Bypass in GitHub Enterprise Server, CVE-2024-4985; PoC Available for QNAP QTS’ CVE-2024-27130 The vulnerability landscape continues to grow, introducing critical risks that can enable ma...
Learn More
May 21, 2024
CVE-2024-4367 in PDF.js Allows JavaScript Execution, Potentially Affec...
CVE-2024-4367 in PDF.js Allows JavaScript Execution, Potentially Affecting Millions of Websites: Update Now Security experts identified a significant vulnerability in PDF.js, a widely used JavaScript ...
Learn More
May 16, 2024
Critical Security Updates for Git SCM: CVE-2024-32002 & CVE-2024-3...
Critical Security Updates for Git SCM: CVE-2024-32002 & CVE-2024-32004 Lead to RCE [Update] May 17, 2024: “Exploit for the Critical Git Vulnerability (CVE-2024-32002)” The Git SCM project has rec...
Learn More
May 16, 2024
BreachForums Seized Once Again, What is Next?
BreachForums Seized Once Again, What is Next? [Update] July 24, 2024: “Threat Actor Emo Leaks Personal Information of 212,414 BreachForums 1.0 Members” [Update] June 13, 2024: “BreachForums Back Onlin...
Learn More
