ToyotaLift Northeast Cyber Attack Claimed By 8BASE Hackers!
The 8BASE ransomware group recently listed an authorized Toyota forklift dealer on its list of victims. The hacker collective allegedly has data from the website…
Month: August 2023
GitHub Paid Out $1.5 Million in Bug Bounties in 2022
Microsoft-owned code hosting platform GitHub on Tuesday announced that it paid out more than $1.57 million in rewards through its bug bounty program between February…
New study by AMD finds nearly half of organisations are not ready for AI
Yesterday, AMD released the findings from a new survey of global IT leaders[i] which found that 3 in 4 IT leaders are optimistic about the…
(Re)check your patched NetScaler ADC and Gateway appliances for signs of compromise
Administrators of Citrix NetScaler ADC and Gateway appliances should check for evidence of installed webshells even if they implemented fixes for CVE-2023-3519 quickly: A recent…
Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations
Aug 16, 2023THNSoftware Security / Cyber Threat Multiple critical security flaws have been reported in Ivanti Avalanche, an enterprise mobile device management solution that’s used…
OAuth and PostMessage
Tl;DR; An OAuth misconfiguration was discovered in the redirect_uri parameter at the target’s OAuth IDP at https://app.target.com/oauth/authorize, which allowed attackers to control the path of…
Chrome 116 Patches 26 Vulnerabilities
Google on Tuesday announced the release of Chrome 116 to the stable channel with patches for 26 vulnerabilities, including 21 reported by external researchers. Of…
2000+ Citrix NetScalers Hacked to Deploy Web shell
It has been discovered that an attacker installed web shells on susceptible Citrix NetScalers, exploiting the CVE-2023-3519 flaw to acquire persistent access. This critical zero-day…
Forging A Resilient Digital Future
Kuala Lumpur, 16 August 2023 — The highly anticipated inaugural Cyber Digital Services Defence & Security Asia (CyberDSA) 2023 has officially commenced at the Kuala…
Ivanti Avalanche vulnerable to attack by unauthenticated, remote attackers (CVE-2023-32560)
Two stack-based buffer overflow bugs (collectively designated as CVE-2023-32560) have been discovered in Ivanti Avalanche, an enterprise mobility management solution. A buffer overflow arises when…
Two stack buffer overflows found in Ivanti Avalanche EMMSecurity Affairs
Ivanti Avalanche EMM product is impacted by two buffer overflows collectively tracked as CVE-2023-32560. Tenable researchers discovered two stack-based buffer overflows, collectively tracked as CVE-2023-32560 (CVSS…
Gigabud RAT Attacking Android Users to Steal Banking Credentials
Recent reports indicate that GigaBud malware has been targeting more than 99 financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru. GigaBud is an…