Bumblebee is the name of a new malware downloader used by multiple threat actors that previously delivered BazaLoader and IcedID. In other words, these threat actors have replaced the two malware pieces with the newer Bumblebee. BazaLoader, in particular, hasn’t…
Which were the most routinely exploited security vulnerabilities in 2021? A new report released by CISA in cooperation with the authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom revealed an advisory containing the most exploited…
Microsoft discovered several vulnerabilities affecting Linux desktop computers. The vulnerabilities, collectively dubbed Nimbuspwn, can be chained together to achieve elevation of privileges and subsequently execute various malicious payloads, such as a root backdoor, via remote arbitrary root code execution. Identified…
A new Check Point security research, dubbed ALHACK, reveals vulnerabilities in the ALAC format of the audio decoders of Qualcomm and MediaTek chips. The vulnerabilities could grant threat actors with remote access to media and audio conversations of affected devices.…
A new hacking campaign has been initiated by the Lazarus threat group that targets organizations in the cryptocurrency and blockchain industries. The hackers are using trojanized cryptocurrency applications and social engineering tricks to lure employees into downloading and running malicious…
A newly disclosed zero-click iMessage exploit could be used to install NSO Group spyware on iPhones of Catalan politicians, journalists, and activities. The discovery comes from Citizen Lab researchers who called the zero-click flaw HOMAGE. The latter affects iOS versions…
Three recently disclosed (and patched), high impact BIOS security vulnerabilities in Lenovo could lead to UEFI (Unified Extensible Firmware Interface) attacks. Discovered by security researcher Martin Smolár and assigned with the following identifiers CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972, the flaws could…
Another critical VMware vulnerability which could put cloud infrastructures at risk of remote code execution attacks. CVE-2022-22966 VMware Cloud Director Vulnerability CVE-2022-22966 is a critical issue in VMware Cloud Director product, with a CVSS score of 9.1 out of 10,…
Did you install the emergency patches for Google Chrome that address two security vulnerabilities, one of which is exploited in the wild? CVE-2022-1364 Exploited in the Wild CVE-2022-1364 is a type confusion vulnerability in the V8 JavaScript engine reported by…
Security researchers detected a vulnerability in the Rarible NFT marketplace, which enables users to create, buy and sell digital NFT art pieces. The company has a trading volume of $273 million in 2021, and more than 2.1 million users. This…
Multiple vulnerabilities in the Citrix product portfolio were patched, including a high-severity bug in SD-WAN. CVE-2022-27505 in SD-WAN The latter has been tracked as CVE-2022-27505, and is a reflected cross-site scripting (XSS) issue which is a result of improper input…
Microsoft just released its April 2022 Patch Tuesday, containing fixes for one vulnerability exploited in the wild (CVE-2022-24521), and another one that was disclosed publicly. The company patched a total of 128 bugs, among which 10 critical remote code execution…
WEB WatchGuard Firebox Authentication Vulnerability (CVE-2022-23176) CVE-2022-23176 is a privilege escalation vulnerability in WatchGuard Firebox and XTM appliances. The vulnerability could allow a remote, unprivileged threat actor to access the system with a privileged management session via an exposed management…
Five security vulnerabilities, called JekyllBot:5 (CVE-2022-1066, CVE-2022-26423, CVE-2022-1070, CVE-2022-27494, and CVE-2022-1059) were fixed in Aethon TUG smart autonomous mobile robots. Fortunately, the vulnerabilities haven’t been exploited in the wild. JekyllBot:5 Vulnerabilities in Aethon TUG Mobile Robots The mobile robots are…
Cybersecurity researchers detected a new TDS (Traffic Direction System), called Parrot, that uses tens of thousands of compromised websites. Parrot TDS Uses a Large Network of Infected Sites Parrot TDS has infected multiple web servers that host more than 16,500…
There’s a new information stealer on the rise, and security researchers say that it is currently being distributed in malspam campaigns. In other words, the so-called META infostealer is delivered via malicious spam in email messages (attachments). Since the infamous…
Google has developed a new Privacy Guide for its Chrome browser. Privacy Guide for Google Chrome The feature has been created by the Google Safety Engineering Center (GSEC), and has been described as “a step-by-step guided tour of some existing…
Security researchers detected a new phishing scam targeting various organizations across healthcare, education, and healthcare sectors. Approximately 27,660 mailboxes have been reached by the suspicious email messages. ArmorBlox researchers provided more details about the phishing attack. New Phishing Campaign Uses…
Apple recently released two emergency patches to fix two actively exploited zero-days in Apple’s macOS and iOS (reported anonymously). The company said the flaws have been exploited in the wild. The vulnerabilities have been fixed in iOS and iPadOS 15.4.1,…
VMware has fixed a total of eight security vulnerabilities in several of its products, including VMware Workspace ONE Access, VMware Identity Manager, VMware vRealize Automation, VMware Cloud Foundation, and vRealize Suite Lifecycle Manager. It is noteworthy that some of the…
