Deceptive Tactics through a Fake Windows News Portal
November 8, 2023
Recent findings reveal a novel malvertising strategy employing counterfeit websites masquerading as legitimate Windows news portals. The primary objective is to propagate a malevolent installation of CPU-Z, a widely recognized system benchmarking utility. [FREE E-BOOK] The Definite Blueprint for…
0 Comments5 Minutes
A new type of GootLoader malware is hard to catch and spreads quickly.
November 7, 2023
Researchers have discovered that non-privileged attackers are exploiting as many as 34 distinct Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers with vulnerabilities, enabling them to achieve complete control over the associated devices and execute any desired code on the…
0 Comments4 Minutes
Google’s Security Measures Fall Short Against SecuriDropper
November 6, 2023
Cybersecurity experts have discovered a new Android Dropper-as-a-Service (DaaS) named SecuriDropper, which successfully bypasses Google’s latest security protocols, enabling the delivery of malware. Dropper malware for Android serves as a means to deliver a payload to an already compromised…
0 Comments4 Minutes
Researchers Uncover Vulnerabilities in 34 Windows Drivers
November 2, 2023
Researchers have discovered that non-privileged attackers are exploiting as many as 34 distinct Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers with vulnerabilities, enabling them to achieve complete control over the associated devices and execute any desired code on the…
0 Comments3 Minutes
F5 warns of active attacks that take advantage of a BIG-IP vulnerability
November 1, 2023
F5 is alerting the public about an active misuse of a critical security vulnerability in BIG-IP, all within a week of the flaw’s public disclosure. The continued exploitation of this vulnerability, resulting in the execution of arbitrary system commands as part of an attack chain, is the…
0 Comments4 Minutes
Infected NuGet Packages Unearthed Distributing the SeroXen Remote Administration Tool
October 31, 2023
Within the realm of information security, diligent researchers have unveiled a fresh wave of malicious packages distributed via the NuGet package manager. These packages employ a less recognized malware distribution strategy. [FREE E-BOOK] The Definite Blueprint for Cybersecurity in Manufacturing…
0 Comments4 Minutes
Hackers Infecting Windows PCs with GHOSTPULSE via MSIX App Packages
October 30, 2023
A recently unveiled cyber assault campaign has uncovered a new threat in the form of GHOSTPULSE, a novel malware loader. This threat is spreading by mimicking MSIX Windows program package files of popular software such as Google Chrome, Microsoft Edge, Brave, Grammarly, and Cisco Webex. These…
0 Comments4 Minutes
VMware Releases Critical Patch for Remote Code Execution Vulnerability in vCenter Server
October 26, 2023
VMware has taken swift action to address a critical vulnerability in the vCenter Server that could potentially lead to remote code execution on vulnerable systems. The discovery of this flaw was made by VMware itself, and the company has promptly responded by issuing crucial security updates. An…
0 Comments3 Minutes
Critical Flaws Discovered in OAuth Platforms: Grammarly, Vidio, and Bukalapak
October 26, 2023
The Open Authorization (OAuth) implementation in well-known web services, such as Grammarly, Vidio, and Bukalapak, has come under scrutiny due to critical security issues. These vulnerabilities extend from previous shortcomings identified in Booking.com and Expo. [FREE E-BOOK] The Definite…
0 Comments4 Minutes
Cisco’s Discovery: A Second Zero-Day Vulnerability Despite the Decline in Hacked Devices
October 25, 2023
Cisco, a cybersecurity industry leader, recently brought a troubling revelation to light—an additional zero-day vulnerability actively exploited in IOS XE. This discovery occurs alongside a noteworthy reduction in compromised devices. In a proactive move, Cisco issued a warning to its valued…
0 Comments6 Minutes