Cisco Issues Urgent Patch to Address Critical Flaw in Emergency Responder Systems
Cisco has swiftly taken action to mitigate a significant security vulnerability impacting Emergency Responder systems. This flaw has the potential to be exploited by remote, unauthenticated attackers, allowing unauthorized access to vulnerable systems through hard-coded credentials. Cisco’s…
0 Comments3 Minutes
BMC Firmware in Supermicro Reveals Multiple Critical Vulnerabilities
Recently, it was uncovered that Supermicro’s BMC firmware harbours numerous critical vulnerabilities. Security researchers have identified multiple flaws within the Intelligent Platform Management Interface (IPMI) firmware used in Supermicro baseboard management controllers (BMCs). These…
0 Comments6 Minutes
Microsoft Releases Patches for 103 Flaws in October 2023, Including 2 Active Exploits
Microsoft’s latest Patch Tuesday updates for October 2023 have been released, targeting a total of 103 vulnerabilities in its software. Notably, two of these vulnerabilities have already been actively exploited in the wild. [FREE E-BOOK] The Definite Blueprint for Cybersecurity in…
0 Comments4 Minutes
PEACHPIT: Ad Fraud Botnet on a Massive Scale – Millions of Hacked Android and iOS Devices
PEACHPIT, an ad fraud botnet, harnessed an army of hundreds of thousands of Android and iOS devices to generate illegal earnings for the scheme’s threat actors. This botnet is a component of a more extensive China-based operation called BADBOX, which includes the sale of off-brand mobile and…
0 Comments5 Minutes
Apple Releases Security Updates for Actively Exploited iOS Bug
On Wednesday, Apple swiftly released crucial security updates to address a newly discovered zero-day vulnerability in iOS and iPadOS. The company confirmed that this vulnerability was already under active exploitation in real-world scenarios. This kernel vulnerability, designated as CVE-2023-42824,…
0 Comments4 Minutes
Update Your Android Device Immediately! Google Addresses Two Actively Exploited Vulnerabilities.
In its latest round of security upgrades for October, Google has taken action to address a total of 53 vulnerabilities, with two of them currently under active exploitation by cyber threats. Google’s security alert suggests that these two vulnerabilities are being targeted in a focused and…
0 Comments6 Minutes
Microsoft Issues a Cyber Attack Warning Regarding Attempts to Hack Cloud Using SQL Server Instance
Attackers attempted lateral movement into a cloud environment via a SQL Server instance in a recent campaign, as outlined by Microsoft. In a report published on Tuesday, security experts Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen highlighted that “the attackers initially…
0 Comments4 Minutes
FBI Issues Warning About Rising Trend of Dual Ransomware Attacks on U.S. Businesses
Since at least July 2023, the FBI in the United States has been issuing warnings about a concerning new trend: simultaneous ransomware attacks targeting the same victims. According to an FBI advisory, these dual ransomware attacks involved two distinct versions selected from the following variants:…
0 Comments3 Minutes
Microsoft SharePoint Server authentication bypass exploit revealed.
GitHub provides proof-of-concept code for a serious authentication bypass vulnerability in Microsoft SharePoint Server that allows privilege escalation. Unauthenticated attackers can get administrator rights after exploiting CVE-2023-29357 in low-complexity attacks without user interaction. [FREE…
0 Comments3 Minutes
Google Releases Patch for Actively Exploited Zero-Day Vulnerability
Google rolled out fixes on Wednesday to address an actively exploited zero-day vulnerability in the Chrome browser. Tracked as CVE-2023-5217, this high-severity vulnerability is a heap-based buffer overflow in the VP8 compression format within libvpx, a free software video codec library developed…
0 Comments6 Minutes