Browsing category
In recent weeks, a hacker collective calling itself Anonymous Sudan has been responsible for launching distributed denial of service attacks (DDoS) on a number of Microsoft services, including Outlook, OneDrive, and Microsoft Azure, amongst others. These attack events, which typically lasted between one and two hours, were successful in their goal of crippling Microsoft’s services […]
Microsoft Azure Bastion and Azure Container Registry have each been found to have one potentially “dangerous” security flaw that, if taken advantage of, may have resulted in a cross-site scripting (XSS) attack being carried out on the affected service. XSS attacks take occur when threat actors insert arbitrary code into a website that would otherwise […]
In the constantly shifting field of cybersecurity, new problems are always cropping up, which requires prompt attention and comprehensive answers. A severe flaw in the Citrix customer-managed ShareFile storage zones controller has just come to light as a result of a recent discovery, and as a result, immediate correction is required. This potentially dangerous vulnerability […]
The ever-changing topography of cyberspace always results in the introduction of new security flaws and vulnerabilities. A major vulnerability, which is now known as CVE-2023-34000 and has a CVSS score of 7.5, has been discovered in the WooCommerce Stripe Gateway Plugin, which has prompted an urgent call to action for both site administrators and security […]
Following events that have affected at least a half dozen other comparable institutions in recent months, the Kaiserslautern University of Applied Sciences (HS Kaiserslautern) has become the latest German-speaking university to be targeted by a ransomware attack. HS Kaiserslautern is one of the major applied science universities in the state of Rhineland-Palatinate, which is located […]
Experts from Microsoft Defender discovered a multi-stage adversary-in-the-middle (AiTM) phishing and business email compromise (BEC) attack that targeted firms that provide banking and financial services. The attack began with the penetration of a reliable third-party vendor and progressed into a string of AiTM attacks as well as subsequent BEC activities that spread across many businesses. […]
As more organizations come out to declare data breaches that were caused by the program’s flaws, the developer of the popular MOVEit file transfer tool has revealed that its software has a second flaw that makes it susceptible to vulnerabilities. The software business Progress said on Friday that after the discovery of the initial vulnerability, […]
According to the findings of recent study conducted, harmful packages may be readily propagated into development environments with the assistance of ChatGPT, which can be used by attackers. In a blog post published, researchers from Vulcan Cyber outlined a novel method for propagating malicious packages that they dubbed “AI package hallucination.” The method was conceived […]
The most widely used web browser in the world, Google Chrome, has been found to have a critical zero-day vulnerability that has been actively exploited in the wild. Confirming the severity of the danger, Google rapidly sent fixes to desktop versions of the Chrome browser on Tuesday in order to close the security vulnerability discovered […]
The Federal Bureau of Investigation (FBI) has issued a warning about an emerging pattern in which bad actors are increasingly producing deepfake video in order to carry out sextortion attacks. Threatening to make sexually explicit images or films of a victim public or share them with the victim’s family and friends is an example of […]
The most people use Gmail, which has a total user base of a staggering 1.5 billion people. This represents 18.75% of the total population of the planet. The security mechanisms of Gmail are well-known for their effectiveness in preventing hackers from gaining control of user accounts. Gmail has included a new function that displays an […]
The significance of keeping one’s data safe has never been more pressing than it is in today’s increasingly linked society. Zero-day vulnerabilities are known to often hide in the shadows of our digital landscapes, where they patiently wait to be exploited. Today, we are going to shed light on one of these recently discovered vulnerabilities […]
The Russian Federal Security Service (FSB) has accused the United States Intelligence Community of hacking into “thousands of Apple phones” in order to conduct surveillance on Russian diplomats. The United States targeted iOS devices using malware that had not been seen before, according to a statement that was released by the FSB on Thursday. The […]
According to Reuters, Toyota Motor Corporation has admitted to a huge data breach that has left customer information exposed throughout Oceania and Asia, with the exception of Japan, for more than six years. According to the information provided by the manufacturer, the data may have been available to the general public between October 2016 and May […]
Researchers at the cybersecurity firm Eclypsium, which focuses on firmware, reported today that they have found a secret backdoor in the firmware of motherboards manufactured by the Taiwanese manufacturer Gigabyte. Gigabyte’s components are often used in gaming PCs and other high-performance systems. Eclypsium discovered that whenever a computer with the affected Gigabyte motherboard restarts, code inside […]
When a victim visits a website ending in .ZIP, a recently developed phishing method known as “file archiver in the browser” may be used to “emulate” file-archiving software in the target’s web browser. According to information published by a security researcher named mr.d0x last week, “with this phishing attack, you simulate a file archiver software […]
For your online application or server to be secure, SSL/TLS certificates are necessary. While many trustworthy certificate authorities charge a fee for SSL/TLS certificates, it is also feasible to create your own certificate using OpenSSL. Self-signed certificates may nonetheless encrypt your online traffic even if they don’t have the approval of a reputable organization. The […]
According to a report published by SentinelLabs on Thursday, a Brazilian hacking crew targeted users of more than 30 Portuguese financial institutions earlier this year in a campaign that provides the latest example of powerful, financially motivated hackers in Brazil targeting targets outside of the country’s borders. The campaign was part of a campaign that […]
GitLab Inc. is an open-core corporation that runs GitLab, a software package that may be used to build, protect, and administer software. GitLab is operated by GitLab Inc. Large DevOps and DevSecOps projects may benefit from using GitLab since it provides a repository for open source code and a platform for collaborative software development. GitLab […]
WinTapix is a driver developed by Microsoft for Windows.Donut is a position-independent shellcode that is used by this driver. It loads.NET Assemblies, PE files, and other Windows payloads from memory and then executes them with arguments. According to the findings of the analysis conducted by Fortinet specialists on the sample, the component in question is […]
Python Package Index (PyPI), the official third-party software repository for the Python programming language, has temporarily restricted the ability for users to sign up and submit new packages until further notice. This change was made by the administrators of PyPI. PyPI, the official third-party repository for open-source Python packages, has implemented new security measures in […]