Recent iterations of the Raspberry Robin malware have raised alarm among cybersecurity experts due to their increased stealth and utilization of one-day (n-day, or known) exploits targeting vulnerable systems. These exploits, designed to leverage recently patched vulnerabilities, capitalize on delays…
Security researchers have uncovered a new sophisticated backdoor targeting macOS and dubbed RustDoor also known as Trojan.MAC.RustDoor. Operative since November 2023, this malicious software, identified by Bitdefender, operates under the guise of a Microsoft Visual Studio update, posing a grave…
Hyundai Motor Europe, the European division of Hyundai Motor Company, headquartered in Germany, has fallen victim to a devastating double extortion ransomware attack. The attack, perpetrated by the Black Basta ransomware gang, has resulted in the theft of three terabytes…
Fortinet has recently uncovered a critical security vulnerability, designated as CVE-2024-21762, within its FortiOS SSL VPN software. This flaw, with a severity score of 9.6 on the CVSS scale, enables remote attackers to execute arbitrary code or commands via specially…
The developers behind shim, the essential software component utilized as a first-stage boot loader on UEFI systems, have recently unveiled version 15.8, aiming to rectify six security vulnerabilities. Among them, a critical bug poses a severe threat, potentially enabling remote…
JetBrains, the renowned developer of integrated development environments, has issued a critical alert urging all customers to update their TeamCity On-Premises servers. CVE-2024-23917 Should Be Patched Urgently The urgency stems from a severe authentication bypass vulnerability, tracked as CVE-2024-23917, discovered…
Trustwave SpiderLabs’ recent report uncovered the usage of fake Facebook job ads to lure victims into installing a new Windows-based stealer malware called Ov3r_Stealer. Ov3r_Stealer Malware Modus Operandi Ov3r_Stealer is a multifaceted malware designed to steal sensitive information such as…
A critical server-side request forgery vulnerability (CVE-2024-21893), affecting Ivanti Connect Secure and Policy Secure products has been exploited at an alarming scale, raising significant concerns in the cybersecurity community. The Shadowserver Foundation reported a surge in exploitation attempts, originating from…
The Mispadu banking Trojan has once again made headlines, leveraging a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. Palo Alto Networks Unit 42, in a recent report, disclosed details of a new variant of the malware,…
Cloudflare, the leader in web infrastructure, has publicly revealed the details of a highly sophisticated nation-state attack that unfolded between November 14 and 24, 2023. The assailants, employing stolen credentials, gained unauthorized access to Cloudflare’s Atlassian server, allowing them to…
Cybersecurity firm Mandiant recently uncovered a financially motivated threat actor, UNC4990, utilizing USB devices for initial infections. The group is exploiting legitimate online platforms such as GitHub, Vimeo, and Ars Technica. The threat actor cleverly hides encoded payloads within seemingly…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) recently added a high-severity flaw to its Known Exploited Vulnerabilities (KEV) catalog, affecting a spectrum of Apple devices, including iOS, iPadOS, macOS, tvOS, and watchOS. CVE-2022-48618: Technical Overview Tracked as CVE-2022-48618 with…
A vulnerability has been identified in GitLab CE/EE, impacting all versions from 16.0 to 16.5.8, 16.6 to 16.6.6, 16.7 to 16.7.4, and 16.8 to 16.8.1. This flaw enables authenticated users to write files to any location on the GitLab server…
A newly disclosed security vulnerability in the GNU C library (glibc) has raised significant concerns within the cybersecurity community. Tracked as CVE-2023-6246, this heap-based buffer overflow flaw has the potential to allow malicious local attackers to obtain full root access…
In a recent discovery by Fortinet FortiGuard Labs, a new iteration of the Phobos ransomware family, known as Faust, has been detected in the wild. More particularly, the researchers came across an Office document housing a VBA script designed to…
The U.S. National Security Agency (NSA) has confirmed its practice of buying internet browsing records from data brokers, raising concerns about potential privacy violations. According to U.S. Senator Ron Wyden, the NSA’s admission came as part of efforts to identify…
Cisco has recently issued patches to rectify a critical security vulnerability affecting Unified Communications and Contact Center Solutions products, presenting a potential risk of arbitrary code execution by an unauthenticated, remote attacker. Vulnerability Details (CVE-2024-20253) The flaw, tracked as CVE-2024-20253…
A new Go-based malware loader named CherryLoader has surfaced in the wild, posing a significant threat by delivering additional payloads onto compromised hosts for subsequent exploitation. CherryLoader Malware Loader in Detail CherryLoader operates deceptively, disguising itself as the legitimate CherryTree…
Cybersecurity experts from Kaspersky have uncovered a sophisticated method employed by hackers to deliver information-stealing malware to macOS users. This insidious campaign employs a stealthy approach, utilizing DNS records to conceal malicious scripts and target users of macOS Ventura and…
Malicious actors swiftly seized upon a recently exposed critical security vulnerability affecting Atlassian Confluence Data Center and Confluence Server, launching active exploitation campaigns within a mere three days of its public disclosure. Threat Actors Weaponizing CVE-2023-22527 Identified as CVE-2023-22527 with…
