Browser Vulnerability Hits MacOS & Linux
August 8, 2024
A New Threat in Cybersecurity Cybersecurity researchers have discovered a new vulnerability known as “0.0.0.0 Day,” which poses a serious risk to all major web browsers. This flaw allows malicious websites to potentially gain access to local networks, putting sensitive data at risk.…
0 Comments4 Minutes
Phishing Attack Uses Google & WhatsApp Links
August 8, 2024
Overview of the Threat Cybersecurity experts have recently identified a novel phishing campaign that cleverly exploits Google Drawings and WhatsApp-generated shortened URLs to deceive users into handing over sensitive personal information. This new tactic highlights the ever-evolving nature of…
0 Comments4 Minutes
Hackers Exploit Roundcube Webmail Flaws
August 7, 2024
Security Concerns in Roundcube Webmail Security experts have discovered several vulnerabilities in the Roundcube webmail program that could allow attackers to inject malicious JavaScript into a user’s browser, leading to the theft of sensitive data from their account. You might be…
0 Comments4 Minutes
Major Vulnerability in Rockwell Devices
August 6, 2024
Overview of the Vulnerability A significant security flaw has been identified in Rockwell Automation’s ControlLogix 1756 devices, which could allow unauthorized access to system programming and configuration via the common industrial protocol (CIP). This vulnerability, labeled CVE-2024-6242,…
0 Comments4 Minutes
Google Chrome’s Latest Security for Cookies
August 1, 2024
New Challenges for Attackers In a recent update, Chrome has introduced a new security measure that complicates life for attackers. “Since the app-bound service operates with system-level privileges, hackers now need more than just a malicious app to infiltrate a system,” explained…
0 Comments3 Minutes
Over a Million Domains Exposed to Hijacking
August 1, 2024
What is the Sitting Ducks Attack? A recent investigation by Infoblox and Eclypsium has uncovered a major vulnerability in over a million domains, exposing them to a method known as the Sitting Ducks attack. This technique, actively exploited by more than a dozen cybercriminal groups linked to…
0 Comments4 Minutes
DigiCert to Revoke more than 85K SSL/TLS Certificates
July 31, 2024
DigiCert to Revoke Certain SSL/TLS Certificates Due to Domain Validation Issue Summary of the Issue DigiCert has announced that it will revoke a subset of SSL/TLS certificates within 24 hours due to an error in their domain validation process. The company identified that it had not properly…
0 Comments4 Minutes
New Mandrake Spyware Version on Google Play Store
July 30, 2024
Mandrake Spyware Resurfaces in Google Play Store Apps A sophisticated Android spyware known as Mandrake has been detected in five applications available on the Google Play Store. This spyware remained undetected for two years before being discovered. According to Kaspersky, these infected apps…
0 Comments4 Minutes
Chrome Adds Password Verification for Archive Scans
July 25, 2024
Google Chrome has introduced new alerts to help users identify and avoid dangerous downloads. These improved warning messages are designed to provide quick and clear information about the potential risks of downloaded files. You might be interested in: MacOS Users Face New Threat from BeaverTail…
0 Comments4 Minutes
Videos Used to Spread Malware via Telegram
July 24, 2024
A significant security issue, dubbed EvilVideo, was discovered in Telegram’s Android app. This flaw allowed attackers to send harmful files disguised as seemingly harmless videos. Discovery and Resolution Timeline On June 6, 2024, the exploit was listed for sale on an underground forum for an…
0 Comments6 Minutes