CVE-2024-21006 in Oracle WebLogic Server – Oracle’s April 2024 Update Brings 441 New Security Patches
Apr 17, 2024
Categories
Top Articles
Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in Open Source Security
Apr 17, 2024
Ivanti Avalanche Received an Update for Over Two Dozen Vulnerabilities (CVE-2024-24996, CVE-2024-29204…)
Apr 17, 2024
Major Cyber Attacks in Review: March 2024
Apr 16, 2024
Cyber Reflections of Iran's Attack on Israel
Apr 15, 2024
Sep 27, 2023
Microsoft SharePoint Server Elevation of Privilege Vulnerability Explo...
Microsoft SharePoint Server Elevation of Privilege Vulnerability Exploit (CVE-2023-29357) [Update] January 11, 2024: “SharePoint Vulnerability Has Been Added to the KEV Catalog by CISA” [Update] Sept...
Learn More
Sep 26, 2023
What You Need to Know About the Alleged Sony Breach
What You Need to Know About the Alleged Sony Breach The RansomedVC group has announced that it successfully breached Sony, the renowned Japanese multinational electronics giant. The group claims to ha...
Learn More
Sep 25, 2023
TeamCity Authentication Bypass Flaw: CVE-2023-42793
TeamCity Authentication Bypass Flaw: CVE-2023-42793 [Update] December 14, 2023: See the subheading: “CISA Alerts on APT29 Exploiting TeamCity Vulnerability, CVE-2023-42793.” [Update] October 6, 2023:...
Learn More
Sep 25, 2023
Over 400K Buckets and 10.4B Files Are Public Due to Cloud Misconfigura...
Over 400K Buckets and 10.4B Files Are Public Due to Cloud Misconfigurations In today’s cloud-centric era, the migration of digital assets to cloud storage has become widespread, driven by the de...
Learn More
Sep 21, 2023
Joint Advisory by CISA and FBI: Snatch Ransomware
Joint Advisory by CISA and FBI: Snatch Ransomware The FBI and CISA have recently issued a joint cybersecurity advisory (CSA) concerning the Snatch ransomware variant. The advisory provides comprehensi...
Learn More
Sep 20, 2023
Mastodon Vulnerabilities and Critical Zero-Day in TrendMicro’s Apex On...
Mastodon Vulnerabilities and Critical Zero-Day in TrendMicro’s Apex One, Fixed: CVE-2023-41179, CVE-2023-42451, CVE-2023-42452 Mastodon recently addressed two vulnerabilities, namely CVE-2023-42451 an...
Learn More
Sep 20, 2023
GitLab's Critical Security Update: What You Need to Know (CVE-2023-500...
GitLab’s Critical Security Update: What You Need to Know (CVE-2023-5009) GitLab is a widely-used DevOps platform that allows for code hosting, continuous integration, and other collaborative fea...
Learn More
Sep 19, 2023
Your Data Is Not Safe: 8Base Deanonymized
Your Data Is Not Safe: 8Base Deanonymized In the ever-evolving world of cybercrime, the 8Base ransomware group has recently come under the spotlight. Known for its victim-shaming website, th...
Learn More
Sep 19, 2023
Microsoft AI Repository Exposes 38TB of Data: A Tale in AI and Cloud S...
Microsoft AI Repository Exposes 38TB of Data: A Tale in AI and Cloud Security Wiz Research recently unveiled a startling incident involving Microsoft’s AI research team: an accidental exposure o...
Learn More
Sep 18, 2023
LockBit’s New Regulations Sets Minimum For Ransom Demands
LockBit’s New Regulations Sets Minimum For Ransom Demands Recently, the notorious LockBit ransomware group has initiated a significant discussion among its affiliates regarding potential cha...
Learn More
Sep 16, 2023
Why are Threat Actors Targeting Indonesia?
Why are Threat Actors Targeting Indonesia? On September 3, Indonesia hiked fuel prices by 30%, stating that petrol and diesel prices are still low by world standards, but subsidies are unsustainable. ...
Learn More
Sep 15, 2023
MGM Resorts Hacked by BlackCat Affiliate, ‘Scattered Spider’
MGM Resorts Hacked by BlackCat Affiliate, ‘Scattered Spider’ A cybercriminal gang employing a combination of impersonation and malware is the prime suspect behind the cyberattack that crippled the ope...
Learn More
Sep 14, 2023
LockBit Attack Fails, 3AM Ransomware Steps In as Plan B
LockBit Attack Fails, 3AM Ransomware Steps In as Plan B Researchers have recently identified a new strain of ransomware called 3AM. Their investigation revealed that the first known usage of this rans...
Learn More
Sep 13, 2023
September 2023 Patch Tuesday by Microsoft Fixes Five Critical, Two Zer...
September 2023 Patch Tuesday by Microsoft Fixes Five Critical, Two Zero-Day Vulnerabilities [Update] September 15, 2023: See the subheading: “Proof-of-Concept (PoC) Exploit Available for CVE-2023-3814...
Learn More
Sep 12, 2023
Mother of the Threats: Threat as a Service
Mother of the Threats: Threat as a Service Anonymous Russia’s botnet service Tesla-bot announced a new malicious service model on its Telegram channel. This new type of service and concept, whic...
Learn More
Sep 12, 2023
Cisco Zero-Day Vulnerability Exploited by LockBit and Akira (CVE-2023-...
Cisco Zero-Day Vulnerability Exploited by LockBit and Akira (CVE-2023-20269) Cisco recently issued an advisory regarding a zero-day vulnerability, CVE-2023-20269, in its Adaptive Security Appliance (A...
Learn More
Sep 11, 2023
Telegram Hit by a DDoS Attack: What Is the Cause Behind It?
Telegram Hit by a DDoS Attack: What Is the Cause Behind It? In a recent update, a well-known and notorious threat actor declared their targeting of Telegram. This group initiated the attack after Tele...
Learn More
Sep 07, 2023
Microsoft Reveals How Storm-0558 Acquired the Signing Key: They Stole ...
Microsoft Reveals How Storm-0558 Acquired the Signing Key: They Stole From a Crash Dump Microsoft previously disclosed the successful thwarting of an attack orchestrated by Storm-0558, a threat actor ...
Learn More
Sep 06, 2023
ASUS Routers Under Risk of RCE Attacks: Critical Vulnerabilities Found...
ASUS Routers Under Risk of RCE Attacks: Critical Vulnerabilities Found (CVE-2023-39238, CVE-2023-39239, CVE-2023-39240) Security researchers have recently unearthed three security vulnerabilities affe...
Learn More
Sep 05, 2023
Threat Actors Accessed UK Military Data From Weakest Link
Threat Actors Accessed UK Military Data From Weakest Link On the 13th of August, The LockBit Ransomware group added a new victim to its list. The victim supplier, manufacturing company Zaun, expressed...
Learn More
