Data Security

How to Check if a Linux Distribution is Compromised by the XZ Utils Backdoor in 6 Steps

In an unsettling development that emerged late last week, the open-source community was thrust into a state of high alert following the disclosure that XZ Utils, a fundamental compression utility widespread across Linux distributions, had been compromised. This startling revelation has left a significant mark on the open-source ecosystem, prompting a swift and coordinated response […]

The Looping Attack: Application-Layer Loops as a New DDoS Attack Vector

In the evolving landscape of cybersecurity threats, a new class of Distributed Denial of Service (DDoS) attacks has emerged, exploiting the intricate dance between network services. This phenomenon, known as application-layer loops, presents a sophisticated challenge that goes beyond traditional network-layer defenses. By manipulating two network services into an endless exchange of error messages, attackers […]
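The mechanism described above, as an added example that is not part of the original article: two toy UDP-style services, each of which answers a message it cannot parse with an error message, are wired together in memory. A single datagram with a forged source address is enough to make them answer each other's errors indefinitely; because UDP does not authenticate the source, the attacker never has to send a second packet. The services, message formats and trigger datagram are constructed for illustration and model no specific real protocol.

```python
"""Toy model of an application-layer loop between two UDP-style services.

Added example, not code from the original article. The two services, their
message formats and the spoofed trigger datagram are constructed here to show
the mechanism described above; they do not model any specific real protocol.
"""
from dataclasses import dataclass


@dataclass
class Datagram:
    src: str      # claimed source address (UDP does not authenticate it)
    dst: str
    payload: bytes


@dataclass
class Service:
    """A request/response service that answers malformed input with an error."""
    addr: str
    # Vulnerable default: an incoming error message is itself "malformed"
    # from this service's point of view, so it is answered with another error.
    reply_to_errors: bool = True
    sent: int = 0

    def handle(self, dg: Datagram):
        """Return the reply datagram, or None if the service stays silent."""
        if dg.payload.startswith(b"ERR"):
            if not self.reply_to_errors:
                return None          # hardened: never answer an error with an error
            self.sent += 1
            return Datagram(self.addr, dg.src, b"ERR unexpected message")
        if dg.payload.startswith(b"REQ"):
            self.sent += 1
            return Datagram(self.addr, dg.src, b"OK")
        self.sent += 1
        return Datagram(self.addr, dg.src, b"ERR malformed request")


def run_exchange(a: Service, b: Service, trigger: Datagram, max_steps: int = 1000) -> int:
    """Deliver `trigger`, then keep forwarding each reply to its destination.

    Returns the number of datagrams delivered before one side stays silent,
    or max_steps if the two services are still talking (i.e. they loop).
    """
    services = {a.addr: a, b.addr: b}
    dg, steps = trigger, 0
    while dg is not None and steps < max_steps:
        steps += 1
        dg = services[dg.dst].handle(dg)
    return steps


def simulate(hardened: bool, max_steps: int = 1000) -> int:
    """One spoofed datagram from the attacker: src forged as B, sent to A."""
    a = Service("A")
    b = Service("B", reply_to_errors=not hardened)
    # The attacker never appears in the exchange again; A and B keep each
    # other busy. Only one of the two needs to be hardened to break the loop.
    trigger = Datagram(src="B", dst="A", payload=b"\x00garbage")
    return run_exchange(a, b, trigger, max_steps)


if __name__ == "__main__":
    print("vulnerable pair:", simulate(hardened=False), "datagrams (capped)")
    print("hardened pair:  ", simulate(hardened=True), "datagrams")
```

The vulnerable pair only stops because the simulation caps the step count; on a real network the exchange runs until one side is rate-limited or restarted. The hardening shown here is the simplest one: a service never replies to a message that is itself an error. Rate-limiting error responses per source is the usual complement where silence is not acceptable.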

Hack-Proof Your Cloud: The Step-by-Step Continuous Threat Exposure Management (CTEM) Strategy for AWS & Azure

Continuous Threat Exposure Management (CTEM) is an evolving cybersecurity practice focused on identifying, assessing, prioritizing, and addressing security weaknesses and vulnerabilities in an organization’s digital assets and networks continuously. Unlike traditional approaches that might assess threats periodically, CTEM emphasizes a proactive, ongoing process of evaluation and mitigation to adapt to the rapidly changing threat landscape. […]

CVE-2023-5528: Kubernetes Flaw Jeopardizing Windows Nodes That Can’t Be Ignored

In recent developments, cybersecurity experts have raised alarms over a high-severity vulnerability identified in Kubernetes, tracked as CVE-2023-5528. The flaw has the potential to allow attackers to execute arbitrary code with system privileges across all Windows endpoints within a cluster. Akamai, a leading global content delivery network, cybersecurity, and cloud service company, has issued […]

Source Code Gone Missing: Microsoft Baffled by Stealthy Hack

In a significant cybersecurity incident, Russian state-backed hackers gained access to some of Microsoft’s core software systems. This breach, first disclosed in January, marks a critical escalation in cyber-espionage activities associated with Russian intelligence agencies. The hackers were able to infiltrate Microsoft’s defenses and access sensitive areas of its network, stealing source code and other […]

How to Infiltrate Industrial OT Networks and Stay Undetected for Half a Decade

The Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the National Security Agency (NSA), Federal Bureau of Investigation (FBI), and international partners, has issued a critical advisory warning about the activities of People’s Republic of China (PRC) state-sponsored cyber actors. These actors, identified under the moniker Volt Typhoon among others, have been implicated in […]

Exploit code: How the New Jenkins Vulnerability Could Compromise Your Data

Recent news about a critical vulnerability in Jenkins, identified as CVE-2024-23897, has raised significant concerns in the cybersecurity community. This vulnerability has been highlighted due to the publication of a Proof of Concept (PoC) exploit, which has increased the risks associated with this issue. Overview of the Vulnerability (CVE-2024-23897) The critical vulnerability in Jenkins, CVE-2024-23897, […]

How to steal Windows password via Outlook email exploiting vulnerabilities in Windows Performance Analyzer (WPA) and File Explorer

Varonis Threat Labs has uncovered a significant vulnerability in Microsoft Outlook (CVE-2023-35636) that allows attackers to capture NTLM v2 password hashes. This discovery also includes vulnerabilities in Windows Performance Analyzer (WPA) and Windows File Explorer, posing serious security risks. What is CVE-2023-35636? CVE-2023-35636 is a vulnerability in the calendar sharing function of Microsoft Outlook. By […]

How to hack Google Kubernetes Engine (GKE)? Securing against GKE threats

A recent investigation by Unit 42 of Palo Alto Networks has uncovered a dual privilege escalation chain in Google Kubernetes Engine (GKE). This vulnerability, stemming from specific configurations in GKE’s logging agent FluentBit and Anthos Service Mesh (ASM), presents a significant security risk, potentially allowing attackers unauthorized access to Kubernetes clusters. Kubernetes and GKE Overview: […]

How to send spoof emails from domains that have SPF and DKIM protections?

SMTP stands for Simple Mail Transfer Protocol. It’s a protocol used for sending emails across the Internet. SMTP operates on a push model, where the sending server pushes the email to a receiving server or an intermediary mail server. Here are some basic concepts associated with SMTP: Sending and Receiving Servers: SMTP involves at least […]
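An added example, not code from the original article, that makes the sending-server/receiving-server relationship concrete. SPF is evaluated by the receiving server against the envelope sender (the SMTP MAIL FROM domain) and the connecting IP, and DKIM against the domain that signed the message; neither check by itself says anything about the From: header the user sees. Only a DMARC policy published by the header-From domain ties those identities together, which is why a domain with SPF and DKIM but no DMARC record still accepts mail whose From: header it never authorised. The domains and TXT records below are constructed (RFC 5737 documentation addresses); the evaluator implements only the SPF mechanisms it needs (ip4, ip6, include, all) and DMARC relaxed alignment on a two-label organisational domain, both simplifications.

```python
"""SPF evaluation and DMARC alignment on constructed DNS records.

Added example, not code from the original article. The domains and TXT records
in ZONE are constructed for illustration (RFC 5737 documentation addresses);
the evaluator implements only the SPF mechanisms it needs (ip4, ip6, include,
all) and DMARC "relaxed" alignment on a two-label organisational domain.
"""
import ipaddress

# Constructed zone: name -> TXT record. Not real DNS data.
ZONE = {
    "attacker.example": "v=spf1 ip4:203.0.113.0/24 -all",
    "victim.example": "v=spf1 include:_spf.mailhost.example -all",
    "_spf.mailhost.example": "v=spf1 ip4:198.51.100.0/24 -all",
    "_dmarc.victim.example": "v=DMARC1; p=reject; adkim=r; aspf=r",
    # SPF (and, assume, DKIM) published, but no _dmarc record at all.
    "nodmarc.example": "v=spf1 ip4:198.51.100.0/24 -all",
}

QUALIFIER = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(domain: str, ip: str, zone: dict, depth: int = 0) -> str:
    """Evaluate the SPF record of `domain` (the MAIL FROM / envelope domain) for `ip`."""
    record = zone.get(domain)
    if record is None or not record.startswith("v=spf1"):
        return "none"
    if depth > 10:                      # RFC 7208 lookup limit
        return "permerror"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qual = "+"
        if term[0] in QUALIFIER:
            qual, term = term[0], term[1:]
        if term.startswith(("ip4:", "ip6:")):
            net = ipaddress.ip_network(term[4:], strict=False)
            if addr.version == net.version and addr in net:
                return QUALIFIER[qual]
        elif term.startswith("include:"):
            if check_spf(term[len("include:"):], ip, zone, depth + 1) == "pass":
                return QUALIFIER[qual]
        elif term == "all":
            return QUALIFIER[qual]
    return "neutral"


def org_domain(domain: str) -> str:
    """Simplification: treat the last two labels as the organisational domain."""
    return ".".join(domain.split(".")[-2:])


def dmarc_disposition(header_from: str, mail_from: str, spf_result: str,
                      dkim_domain, zone: dict) -> str:
    """Apply the header-From domain's DMARC policy.

    Returns "pass" when an aligned SPF or DKIM identifier authenticates the
    message, the published policy (none/quarantine/reject) when none does, and
    "none" when the domain publishes no DMARC record (receiver takes no action).
    """
    record = zone.get("_dmarc." + header_from)
    if record is None:
        return "none"
    tags = dict(t.strip().split("=", 1) for t in record.split(";") if "=" in t)
    spf_aligned = spf_result == "pass" and org_domain(mail_from) == org_domain(header_from)
    dkim_aligned = dkim_domain is not None and org_domain(dkim_domain) == org_domain(header_from)
    if spf_aligned or dkim_aligned:
        return "pass"
    return tags.get("p", "none")


def evaluate(header_from: str, mail_from: str, sender_ip: str,
             dkim_domain=None, zone=ZONE):
    """Return (spf_result, dmarc_disposition) for one inbound message."""
    spf = check_spf(mail_from, sender_ip, zone)
    return spf, dmarc_disposition(header_from, mail_from, spf, dkim_domain, zone)


if __name__ == "__main__":
    # Attacker's own server: SPF passes and DKIM verifies for attacker.example,
    # but the visible From: header claims nodmarc.example / victim.example.
    print(evaluate("nodmarc.example", "attacker.example", "203.0.113.10", "attacker.example"))
    print(evaluate("victim.example", "attacker.example", "203.0.113.10", "attacker.example"))
```

In the first call SPF passes (the attacker's server is legitimately listed for attacker.example) and the receiver has no DMARC policy for nodmarc.example to consult, so the message goes through with a forged From: header. In the second, the same message fails DMARC alignment against victim.example and its p=reject policy applies. The practitioner's check is therefore not "does the domain have SPF and DKIM" but "does _dmarc.<domain> exist, and is p= something stronger than none".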

Bypassing pfSense firewall and hacking into application server and firewall itself

Recent cybersecurity research has unveiled a critical vulnerability impacting over 1,450 pfSense servers, exposing them to potential remote code execution (RCE) attacks. This vulnerability arises from a combination of command injection and cross-site scripting flaws, posing a significant threat to the security of these widely-used network appliances. Anyone can bypass the Google and AWS Web […]

Binance’s 4.3 Billion-Dollar Blunder: How cyber criminals launder money via Binance?

Cyber criminals have utilized cryptocurrency exchanges like Binance for money laundering due to the pseudonymous nature of digital currencies. Here’s a general overview of how they might do this: Obtaining Cryptocurrency through Illicit Means: Cyber criminals may acquire cryptocurrencies like Bitcoin through illegal activities such as hacking, ransomware attacks, online scams, or dark web transactions. […]

Your Google Cloud Security Might Be at Risk. Hacking GCP via Google Workspace flaw

In a startling revelation, Bitdefender, a leading cybersecurity firm, has disclosed a series of sophisticated attack methods that could significantly impact users of Google Workspace and Google Credential Provider for Windows (GCPW). This discovery highlights potential weaknesses in widely used cloud and authentication services, prompting a reevaluation of current security measures. Discovery of Advanced Attack […]

Azure CLI stores credentials in plaintext in logs. An easy technique to hack cloud environments

CVE-2023-36052 is a critical security vulnerability in the Azure Command-Line Interface (CLI), a tool for managing Azure resources. This vulnerability, reported by Palo Alto’s Prisma Cloud, allowed unauthenticated attackers to remotely access plaintext contents, including usernames and passwords, from Continuous Integration and Continuous Deployment (CI/CD) logs created using Azure CLI. These logs could be published […]
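Beyond updating the CLI, the practical defence against this class of leak is to never let raw `az` output reach a build log unredacted. The following is an added example, not code from the original article and not part of Azure CLI: it redacts credential-bearing fields from CLI-style JSON and emits GitHub Actions `::add-mask::` commands so the runner hides the same values wherever else they appear. The sample input is constructed to resemble the name/value list that `az webapp config appsettings list` prints; the field-name patterns and the masking convention are the assumptions it relies on.

```python
"""Redact credential-bearing fields from Azure CLI style JSON before it is logged.

Added example, not code from the original article and not part of Azure CLI.
The sample below is constructed to resemble the name/value list that
`az webapp config appsettings list` prints; the key-name patterns and the
`::add-mask::` GitHub Actions workflow command are the assumptions it relies on.
"""
import json
import re

# Setting names that conventionally carry credentials.
SENSITIVE_NAME = re.compile(
    r"(password|passwd|pwd|secret|token|apikey|api_key|connectionstring|accountkey)", re.I)
# Values that carry credentials regardless of what the setting is called.
SENSITIVE_VALUE = re.compile(r"\b(AccountKey=|SharedAccessSignature=|sig=|Password=)", re.I)

MASK = "***REDACTED***"


def is_sensitive(name, value) -> bool:
    return bool(SENSITIVE_NAME.search(str(name))) or \
        (isinstance(value, str) and bool(SENSITIVE_VALUE.search(value)))


def _is_named_pair(obj) -> bool:
    """{"name": ..., "value": ...} objects, as several az subcommands emit."""
    return isinstance(obj, dict) and "name" in obj and "value" in obj


def redact(obj):
    """Return a copy of `obj` with sensitive scalar values replaced by MASK.

    A key-name check alone would miss secrets in name/value lists, because
    there the key is always literally "value"; those are handled first.
    """
    if _is_named_pair(obj) and is_sensitive(obj["name"], obj["value"]):
        return {**obj, "value": MASK}
    if isinstance(obj, dict):
        return {k: (MASK if not isinstance(v, (dict, list)) and is_sensitive(k, v)
                    else redact(v)) for k, v in obj.items()}
    if isinstance(obj, list):
        return [redact(item) for item in obj]
    return obj


def secret_values(obj) -> list:
    """Collect the raw secret strings so a CI runner can mask them everywhere."""
    found = []
    if _is_named_pair(obj) and is_sensitive(obj["name"], obj["value"]):
        found.append(str(obj["value"]))
    elif isinstance(obj, dict):
        for k, v in obj.items():
            if not isinstance(v, (dict, list)) and is_sensitive(k, v):
                found.append(str(v))
            else:
                found.extend(secret_values(v))
    elif isinstance(obj, list):
        for item in obj:
            found.extend(secret_values(item))
    return found


def github_mask_commands(obj) -> list:
    """GitHub Actions workflow commands that hide each secret in later log output."""
    return ["::add-mask::" + s for s in secret_values(obj)]


# Constructed sample of `az webapp config appsettings list` style output.
SAMPLE = [
    {"name": "DB_PASSWORD", "value": "Sup3rS3cret!", "slotSetting": False},
    {"name": "STORAGE",
     "value": "DefaultEndpointsProtocol=https;AccountName=demo;AccountKey=abc123==;",
     "slotSetting": False},
    {"name": "LOG_LEVEL", "value": "info", "slotSetting": False},
]

if __name__ == "__main__":
    for cmd in github_mask_commands(SAMPLE):
        print(cmd)                    # emit before anything else is logged
    print(json.dumps(redact(SAMPLE), indent=2))
```

Two details matter in practice: the mask commands must be printed before any other output that might contain the value, and the check has to look at the value as well as the key, since a connection string under an innocuous name such as `STORAGE` is exactly the kind of output the vulnerability put into logs.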

How Living-off-the-land (LotL) technique is used to hack into power grids & cause power outages

Living-off-the-land (LotL) techniques in cyber attacks refer to the use of legitimate, native tools already present in the target system to carry out malicious activities. This approach is particularly stealthy because it leverages tools and processes that are typically trusted and thus less likely to raise alarms. In the context of Operational Technology (OT) or […]

Hackers’ new favorite: CVE-2023-4911 targeting Debian, Ubuntu and Fedora servers in the Cloud

CVE-2023-4911 is a serious security vulnerability within the GNU C Library (glibc), specifically in the dynamic loader ld.so, associated with the processing of the GLIBC_TUNABLES environment variable. This vulnerability has been exploited in cloud attacks, particularly by a group using the Kinsing malware for cryptojacking operations. The flaw is a buffer overflow that can be […]
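A quick way to tell whether a host's loader is affected, as an added example that is not part of the original article: the probe below wraps the public crash test from the Qualys advisory for this bug. A malformed GLIBC_TUNABLES value (the same tunable name repeated inside the value) plus an oversized padding variable is passed to a setuid binary in an otherwise empty environment; an unpatched ld.so overflows its buffer while parsing the tunable and the process dies with SIGSEGV, while a patched loader discards the bad tunable and `su --help` simply prints its usage text. It is a crash test only and does not escalate privileges. The choice of `/usr/bin/su` as the target and the exit-status interpretation are assumptions taken from that one-liner.

```python
"""Probe a host for the GLIBC_TUNABLES loader bug (CVE-2023-4911).

Added example, not code from the original article. It reproduces the public
crash test from the Qualys advisory: a malformed GLIBC_TUNABLES value plus an
oversized padding variable handed to a setuid binary. An unpatched ld.so
overflows a buffer while parsing the tunable and dies with SIGSEGV; a patched
loader ignores the bad tunable and `su --help` prints its usage text.
This is a crash test, not an exploit: it does not escalate privileges.
"""
import signal
import subprocess

PROBE_ENV = {
    # The duplicated "name=" inside the value is what triggers the overflow.
    "GLIBC_TUNABLES": "glibc.malloc.mxfast=glibc.malloc.mxfast=A",
    # Large padding variable, same as `printf '%08192x' 1` in the shell one-liner.
    "Z": "%08192x" % 1,
}


def classify(returncode) -> str:
    """Map the probe's exit status to a verdict (SIGSEGV => vulnerable).

    subprocess reports a signal death as a negative number (-11); a shell
    wrapper would report it as 128 + 11 = 139, so both are accepted.
    """
    if returncode is None:
        return "unknown"
    if returncode == -signal.SIGSEGV or returncode == 128 + signal.SIGSEGV:
        return "vulnerable"
    return "not vulnerable"


def probe(binary: str = "/usr/bin/su", timeout: float = 10.0) -> str:
    """Run the crash test against `binary` with a minimal environment (like `env -i`)."""
    try:
        proc = subprocess.run([binary, "--help"], env=PROBE_ENV,
                              capture_output=True, timeout=timeout)
    except FileNotFoundError:
        return "unknown"          # no such binary on this host
    except subprocess.TimeoutExpired:
        return "unknown"
    return classify(proc.returncode)


if __name__ == "__main__":
    print("glibc CVE-2023-4911 probe:", probe())
```

Run it as an unprivileged user on each image you care about; "vulnerable" means the loader still needs the distribution's glibc update, and "unknown" means the target binary was not found, not that the host is safe. Any setuid binary works as the target, since the overflow happens in ld.so before the program's own code runs.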

Redcliffe Labs, India’s Medical Diagnostic Company, leaks 7 TB of customer data. Will it pay a 250 crore fine?

Redcliffe Labs is one of the most comprehensive testing facilities in India. It provides more than 3,600 different diagnostic tests for illnesses and wellbeing. Users of the mobile application have the option of receiving medical diagnostic services in their homes, at medical facilities, or over the internet. These services include in-home full-body examinations, blood testing, […]

From Trusted to Busted: Okta Hacked again. Epic tale of security nightmares, 4 times in 2 years

The recent Okta breach has raised concerns within the cybersecurity community. On October 20, 2023, Okta, a provider of identity services like multi-factor authentication and single sign-on, disclosed a security breach that involved unauthorized access to its customer support system. The incident came to light when hackers leveraged a stolen credential to infiltrate Okta’s support […]