Law enforcement agencies from 11 countries have joined forces to dismantle the notorious LockBit ransomware operation in a collaborative effort known as Operation Cronos. This coordinated action marks a significant blow against cybercriminal activity, with the National Crime Agency of…
Google is rolling out a new feature aimed at thwarting malicious websites from exploiting vulnerabilities within users’ internal networks. This innovative safeguard is designed to shield devices such as printers and routers, traditionally deemed safe within home networks, from potential…
Among the latest developments in the field of ransomware innovations is the emergence of ‘MrAgent,’ a new tool unleashed by the RansomHouse ransomware operation. The tool is designed to automate the deployment of the data encrypter across multiple VMware ESXi…
A Chinese-speaking threat actor known as GoldFactory has emerged as a significant player, responsible for the development of highly sophisticated banking trojans. Among its arsenal is a previously undocumented iOS malware named GoldPickaxe, capable of extracting sensitive personal data including…
Microsoft has confirmed the exploitation of a critical security vulnerability in Exchange Server which was addressed in February 2024 Patch Tuesday. This acknowledgment comes just a day after the company issued fixes for the flaw as part of its routine…
Microsoft’s February 2024 Patch Tuesday is already a fact, bringing forth a number of security updates. This month’s release addresses a total of 73 flaws, with a particular focus on tackling two actively exploited zero-day vulnerabilities that have been causing…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a vulnerability in the Roundcube email software to its Known Exploited Vulnerabilities (KEV). Identified as CVE-2023-43770 with a CVSS score of 6.1, this cross-site scripting (XSS) vulnerability has been actively…
Recent iterations of the Raspberry Robin malware have raised alarm among cybersecurity experts due to their increased stealth and utilization of one-day (n-day, or known) exploits targeting vulnerable systems. These exploits, designed to leverage recently patched vulnerabilities, capitalize on delays…
Security researchers have uncovered a new sophisticated backdoor targeting macOS and dubbed RustDoor also known as Trojan.MAC.RustDoor. Operative since November 2023, this malicious software, identified by Bitdefender, operates under the guise of a Microsoft Visual Studio update, posing a grave…
Hyundai Motor Europe, the European division of Hyundai Motor Company, headquartered in Germany, has fallen victim to a devastating double extortion ransomware attack. The attack, perpetrated by the Black Basta ransomware gang, has resulted in the theft of three terabytes…
Fortinet has recently uncovered a critical security vulnerability, designated as CVE-2024-21762, within its FortiOS SSL VPN software. This flaw, with a severity score of 9.6 on the CVSS scale, enables remote attackers to execute arbitrary code or commands via specially…
The developers behind shim, the essential software component utilized as a first-stage boot loader on UEFI systems, have recently unveiled version 15.8, aiming to rectify six security vulnerabilities. Among them, a critical bug poses a severe threat, potentially enabling remote…
JetBrains, the renowned developer of integrated development environments, has issued a critical alert urging all customers to update their TeamCity On-Premises servers. CVE-2024-23917 Should Be Patched Urgently The urgency stems from a severe authentication bypass vulnerability, tracked as CVE-2024-23917, discovered…
Trustwave SpiderLabs’ recent report uncovered the usage of fake Facebook job ads to lure victims into installing a new Windows-based stealer malware called Ov3r_Stealer. Ov3r_Stealer Malware Modus Operandi Ov3r_Stealer is a multifaceted malware designed to steal sensitive information such as…
A critical server-side request forgery vulnerability (CVE-2024-21893), affecting Ivanti Connect Secure and Policy Secure products has been exploited at an alarming scale, raising significant concerns in the cybersecurity community. The Shadowserver Foundation reported a surge in exploitation attempts, originating from…
The Mispadu banking Trojan has once again made headlines, leveraging a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. Palo Alto Networks Unit 42, in a recent report, disclosed details of a new variant of the malware,…
Cloudflare, the leader in web infrastructure, has publicly revealed the details of a highly sophisticated nation-state attack that unfolded between November 14 and 24, 2023. The assailants, employing stolen credentials, gained unauthorized access to Cloudflare’s Atlassian server, allowing them to…
Cybersecurity firm Mandiant recently uncovered a financially motivated threat actor, UNC4990, utilizing USB devices for initial infections. The group is exploiting legitimate online platforms such as GitHub, Vimeo, and Ars Technica. The threat actor cleverly hides encoded payloads within seemingly…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a high-severity flaw to its Known Exploited Vulnerabilities (KEV) catalog, affecting a spectrum of Apple devices, including iOS, iPadOS, macOS, tvOS, and watchOS. CVE-2022-48618: Technical Overview Tracked as CVE-2022-48618 with…
A vulnerability has been identified in GitLab CE/EE, impacting all versions from 16.0 to 16.5.8, 16.6 to 16.6.6, 16.7 to 16.7.4, and 16.8 to 16.8.1. This flaw enables authenticated users to write files to any location on the GitLab server…
