HP has fixed two high-severity BIOS vulnerabilities in many of its PC and notebook products. The vulnerabilities, tracked as CVE-2021-3808 and CVE-2021-3809, could allow threat actors to run code with kernel privileges. This type of attack can be described as…
Security researchers say that the notorious ransomware REvil, also known as Sodinokibi, has returned after laying low for six months. The Return of REvil/Sodinokibi Ransowmare Gang According to Secureworks Counter Threat Unit (CTU) researchers, analysis of some recently uploaded to…
CVE-2022-29972 is a security vulnerability in Azure Synapse and Azure Data Factory pipelines that could let threat actors execute remote commands in the Integration Runtime Infrastructure (IR). Microsoft explains that the IR is a compute infrastructure utilized by Azure Data…
CVE-2022-1388 is a critical remote code execution vulnerability that affects F5 BIG-IP multi-purpose networking devices and modules. There are now warnings about in-the-wild exploit attempts weaponizing the vulnerability, in addition to an available PoC (proof of concept) developed by security…
Cisco patched three security vulnerabilities affecting its Enterprise NFV Infrastructure Software. The flaws could allow an attacker to obtain full control of the exposed hosts. It is important to note that the vulnerabilities, tracked as CVE-2022-20777, CVE-2022-20779, and CVE-2022-20780, are…
Black Basta is a new ransomware first detected in the middle of April 2022. According to Minerva researchers, the ransomware “has already caused substantial damage to over ten organizations.” Two of its recent victims include Deutsche Windtechnik and the American…
A security researcher known by the moniker h3perlinx discovered vulnerabilities in some of the most common ransomware families, including Conti, REvil, LockBit, AvosLocker, and the recently discovered Black Basta. Security Researcher Discovers Weaknesses in Popular Malware The discovered weaknesses could…
A new phishing attack leveraging Google’s SMTP relay service has been detected delivering phishing emails to users. The attack has been observed by Avanan security researchers. Google’s SMTP Service Abused What is SMTP? This type of service helps businesses send…
Bumblebee is the name of a new malware downloader used by multiple threat actors that previously delivered BazaLoader and IcedID. In other words, these threat actors have replaced the two malware pieces with the newer Bumblebee. BazaLoader, in particular, hasn’t…
Which were the most routinely exploited security vulnerabilities in 2021? A new report released by CISA in cooperation with the authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom revealed an advisory containing the most exploited…
Microsoft discovered several vulnerabilities affecting Linux desktop computers. The vulnerabilities, collectively dubbed Nimbuspwn, can be chained together to achieve elevation of privileges and subsequently execute various malicious payloads, such as a root backdoor, via remote arbitrary root code execution. Identified…
A new Check Point security research, dubbed ALHACK, reveals vulnerabilities in the ALAC format of the audio decoders of Qualcomm and MediaTek chips. The vulnerabilities could grant threat actors with remote access to media and audio conversations of affected devices.…
A new hacking campaign has been initiated by the Lazarus threat group that targets organizations in the cryptocurrency and blockchain industries. The hackers are using trojanized cryptocurrency applications and social engineering tricks to lure employees into downloading and running malicious…
A newly disclosed zero-click iMessage exploit could be used to install NSO Group spyware on iPhones of Catalan politicians, journalists, and activities. The discovery comes from Citizen Lab researchers who called the zero-click flaw HOMAGE. The latter affects iOS versions…
Three recently disclosed (and patched), high impact BIOS security vulnerabilities in Lenovo could lead to UEFI (Unified Extensible Firmware Interface) attacks. Discovered by security researcher Martin Smolár and assigned with the following identifiers CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, the flaws could…
Another critical VMware vulnerability which could put cloud infrastructures at risk of remote code execution attacks. CVE-2022-22966 VMware Cloud Director Vulnerability CVE-2022-22966 is a critical issue in VMware Cloud Director product, with a CVSS score of 9.1 out of 10,…
Did you install the emergency patches for Google Chrome that address two security vulnerabilities, one of which is exploited in the wild? CVE-2022-1364 Exploited in the Wild CVE-2022-1364 is a type confusion vulnerability in the V8 JavaScript engine reported by…
Security researchers detected a vulnerability in the Rarible NFT marketplace, which enables users to create, buy and sell digital NFT art pieces. The company has a trading volume of $273 million in 2021, and more than 2.1 million users. This…
Multiple vulnerabilities in the Citrix product portfolio were patched, including a high-severity bug in SD-WAN. CVE-2022-27505 in SD-WAN The latter has been tracked as CVE-2022-27505, and is a reflected cross-site scripting (XSS) issue which is a result of improper input…
Microsoft just released its April 2022 Patch Tuesday, containing fixes for one vulnerability exploited in the wild (CVE-2022-24521), and another one that was disclosed publicly. The company patched a total of 128 bugs, among which 10 critical remote code execution…
