Security researchers uncover a new clipper malware campaign targeting Portuguese speakers. Meet CryptoClippy Palo Alto’s Unit 42 team recently uncovered a malicious campaign that is targeting Portuguese speakers with a type of malware known as a cryptocurrency clipper (clipper malware).…
This week, HP released a security bulletin regarding a critical-severity vulnerability affecting the firmware of some business-grade printers. The vulnerability, tracked as CVE-2023-1707, impacts approximately 50 models of HP Enterprise LaserJet and HP LaserJet Managed Printers. CVE-2023-1707: HP Printer Vulnerability…
Security researchers discovered a new, highly sophisticated ransomware. Check Point Research (CPR) and Check Point Incident Response Team (CPIRT) identified a previously unknown ransomware strain, dubbed Rorschach, that was deployed against a US-based company. Rorschach does not bear any similarities…
On Monday, Western Digital, a popular data storage devices maker, revealed that its systems had been accessed without authorization on March 26, 2023. An unnamed third party was able to gain access to some of the company’s systems, according to…
Microsoft addressed a serious vulnerability that impacted the Azure Active Directory (ADD). The ADD vulnerability impacted several crucial applications and could lead to unauthorized access. One of the exposed applications powers the Bing.com search engine. The vulnerability allowed for modifying…
A vulnerability in Azure Service Fabric Explorer (SFX) was recently patched. CVE-2023-23383: Discovery and Technical Overview Security firm Orca discovered a serious security flaw in Azure Service Fabric Explorer that could be taken advantage of by sending a constructed URL…
The Google Threat Analysis Group (TAG) recently unearthed that two separate campaigns were conducted last year in order to exploit a number of zero-day and n-day vulnerabilities on Android and iOS devices. What is an n-day vulnerability? An N-day exploit…
According to a new Kaspersky report, threat actors have been using Trojanized installers of the TOR anonymity browser to target users in Russia and Eastern Europe with clipper malware since September last year. This malware is designed specifically to siphon…
Apple just rolled out updates for older iPhone and iPad models to fix a security vulnerability known as CVE-2023-23529 that is actively exploited in the wild. The flaw is a type confusion in the WebKit browser engine that could have…
Microsoft recently released guidance to help customers discover indicators of compromise (IoCs) associated with the recently patched, severe Outlook vulnerability known as CVE-2023-23397. What Is CVE-2023-23397? As explained by Microsoft in their advisory, CVE-2023-23397 is a critical elevation of privilege…
On Tuesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued eight Industrial Control Systems (ICS) advisories, warning of major flaws, such as CVE-2023-1133, in Delta Electronics’ and Rockwell Automation’s equipment. In particular, Delta Electronics’ InfraSuite Device Master, a real-time…
ScarCruft, an advanced persistent threat (APT) actor based in North Korea, has been observed using weaponized Microsoft Compiled HTML Help (CHM) files to download additional malware. AhnLab Security Emergency response Center (ASEC), SEKOIA.IO, and Zscaler have all reported on the…
A new report by Mandiant throws light on the state of zero-day exploitation throughout 2022. In 2022, 55 zero-day vulnerabilities were exploited in the wild, with the majority of the flaws being found in software from Microsoft, Google, and Apple.…
Emotet is making rounds in the wild once again After a brief absence, the infamous Emotet malware is once again being spread, this time through Microsoft OneNote email attachments to evade macro-based security controls and infiltrate systems. What Is Emotet?…
The Akamai Security Intelligence Response Team (SIRT) recently reported the discovery of a newly developed Go-based botnet, named “HinataBot” by researchers. This botnet is focused on Distributed Denial of Service (DDoS) attacks and appears to have been named after a…
Google Project Zero has highlighted a set of dangerous security flaws in Samsung’s Exynos chips, which can be exploited without any user interaction, and grant a threat actor complete control of devices, ranging from Android smartphones to wearables and vehicles.…
On March 15 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security vulnerability affecting Adobe ColdFusion to its Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. This vulnerability, labeled CVE-2023-26360 (CVSS score: 8.6), is classified…
Unknown threat actors have exploited a security flaw in Fortinet’s FortiOS software to gain access to data, cause OS and file corruption, and potentially lead to other malicious activities. The vulnerability, CVE-2022-41328, is a path traversal bug with a CVSS…
Fortinet has identified and fixed 15 security flaws, one of which a critical vulnerability located in FortiOS and FortiProxy. CVE-2023-25610 Technical Overview The vulnerability, identified as CVE-2023-25610, has a severity rating of 9.3 out of 10 on the CVSS scale,…
CVE-2022-36537 is a highly severe vulnerability in the ZK Framework, that CISA (Cybersecurity and Infrastructure Security Agency) just added to its exploit catalogue. Apparently, the vulnerability has been leveraged in the wild in attacks which can lead to retrieving sensitive…
