According to a new Kaspersky report, threat actors have been using Trojanized installers of the TOR anonymity browser to target users in Russia and Eastern Europe with clipper malware since September last year. This malware is designed specifically to siphon…
Apple just rolled out updates for older iPhone and iPad models to fix a security vulnerability known as CVE-2023-23529 that is actively exploited in the wild. The flaw is a type confusion in the WebKit browser engine that could have…
Microsoft recently released guidance to help customers discover indicators of compromise (IoCs) associated with the recently patched, severe Outlook vulnerability known as CVE-2023-23397. What Is CVE-2023-23397? As explained by Microsoft in their advisory, CVE-2023-23397 is a critical elevation of privilege…
On Tuesday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued eight Industrial Control Systems (ICS) advisories, warning of major flaws, such as CVE-2023-1133, in Delta Electronics’ and Rockwell Automation’s equipment. In particular, Delta Electronics’ InfraSuite Device Master, a real-time…
ScarCruft, an advanced persistent threat (APT) actor based in North Korea, has been observed using weaponized Microsoft Compiled HTML Help (CHM) files to download additional malware. AhnLab Security Emergency response Center (ASEC), SEKOIA.IO, and Zscaler have all reported on the…
A new report by Mandiant throws light on the state of zero-day exploitation throughout 2022. In 2022, 55 zero-day vulnerabilities were exploited in the wild, with the majority of the flaws being found in software from Microsoft, Google, and Apple.…
Emotet is making rounds in the wild once again After a brief absence, the infamous Emotet malware is once again being spread, this time through Microsoft OneNote email attachments to evade macro-based security controls and infiltrate systems. What Is Emotet?…
The Akamai Security Intelligence Response Team (SIRT) recently reported the discovery of a newly developed Go-based botnet, named “HinataBot” by researchers. This botnet is focused on Distributed Denial of Service (DDoS) attacks and appears to have been named after a…
Google Project Zero has highlighted a set of dangerous security flaws in Samsung’s Exynos chips, which can be exploited without any user interaction, and grant a threat actor complete control of devices, ranging from Android smartphones to wearables and vehicles.…
On March 15 2023, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security vulnerability affecting Adobe ColdFusion to its Known Exploited Vulnerabilities catalog, based on evidence of active exploitation. This vulnerability, labeled CVE-2023-26360 (CVSS score: 8.6), is classified…
Unknown threat actors have exploited a security flaw in Fortinet’s FortiOS software to gain access to data, cause OS and file corruption, and potentially lead to other malicious activities. The vulnerability, CVE-2022-41328, is a path traversal bug with a CVSS…
Fortinet has identified and fixed 15 security flaws, one of which a critical vulnerability located in FortiOS and FortiProxy. CVE-2023-25610 Technical Overview The vulnerability, identified as CVE-2023-25610, has a severity rating of 9.3 out of 10 on the CVSS scale,…
CVE-2022-36537 is a highly severe vulnerability in the ZK Framework, that CISA (Cybersecurity and Infrastructure Security Agency) just added to its exploit catalogue. Apparently, the vulnerability has been leveraged in the wild in attacks which can lead to retrieving sensitive…
The second Patch Tuesday for 2023 has just rolled out, fixing a total of 75 loopholes across various Microsoft products. Three zero-days were fixed, as well as a critical RCE bug in Microsoft Word which could easily be exploited by…
If you’re an Apple user with various devices, you should pay close attention to the latest updates the company just released. More specifically, security updates for macOS, iOS, iPadOS, and Safari were rolled out to fix a zero-day that has…
OpenSSH contains several new security vulnerabilities, one of which is the critical CVE-2023-25136. The flaw is a pre-authentication double free issue which was introduced in OpenSSH version 9.1. The vulnerability has been addressed in OpenSSH 9.2. The other good news…
CVE-2021-35394 is a critical, remote code execution security vulnerability that affects Realtek Jungle SDK. Rated 9.8 on the CVSS 3.x Severity and Metrics scale, the vulnerability has been weaponized by attackers in ongoing malicious campaigns which were initiated in August…
VMware vRealize Log is vulnerable to several critical security vulnerabilities (CVE-2022-31706, CVE-2022-31704, CVE-2022-31710, CVE-2022-31711). The vulnerabilities were privately reported to the company. Both updates and workarounds are already available to fix the issues. CVE-2022-31706 CVE-2022-31706 is a directory traversal vulnerability.…
The first Patch Tuesday fixes shipped by Microsoft for 2023 have addressed a total of 98 security flaws, many of which are rated as critical, and one is actively exploited in the wild. More specifically, 11 of the vulnerabilities have…
CVE-2022-23529 is a new security vulnerability in the JSONWebToken open source project. The issue was discovered by Unit 42 researchers, and has been rated 7.6 on the CVSS scale (high severity). What Is the JSONWebToken Open Source Project? JSONWebToken is…
