Eve – Stealing Wi-Fi Passwords by Eavesdropping
Mobile devices and apps play a growing role in user identification, but password theft, resembling identity theft, invites diverse eavesdropping attacks, including stealthy indirect ones…
Month: September 2023
Deceptive Honeypot For Hackers By Cybersecurity Researchers
In a strategic move to outwit cybercriminals, a dedicated team of cybersecurity researchers devised an operation centered around the creation and strategic storage of fabricated…
PHPFusion Flaw Allows Attackers to Read Critical System Data
On Tuesday, Synopsys addressed High and medium vulnerabilities CVE-2023-2453, and CVE-2023-4480 discovered in PHPFusion by the researchers. PHPFusion is an open-source content management system (CMS)…
Hackers Using ChatGPT to Generate Malware & Social Engineering Threats
Large language models (LLMs) and generative AI are rapidly advancing globally, offering great utility but also raising misuse concerns. The rapid modernization of generative AI…
Hackers Use Weaponized LNK Files to Deploy RedEyes Malware
AhnLab Security Emergency Response Center (ASEC) has issued a warning about a significant security threat involving the distribution of malicious LNK files. This threat, known…
Pandora Malware Attacks Android TVs via firmware updates and pirated video
A new threat to Android devices named android[.]pandora has been identified that compromises the devices when pirated video content is installed or during firmware updates.…
Internal Chats of a Conti Ransomware Group Exposed
RaaS (Ransomware-as-a-service) is actively strengthening the ransomware attacks, but understanding their operations is restricted by illegality. That’s why ransomware attacks have surged in scale and…
Cacti XSS Vulnerability Let Attacker Poison Database
A Stored Cross-Site Scripting (Stored XSS) vulnerability was recently discovered in Cacti that allows an authenticated user to poison the data stored in Cacti’s database. Moreover,…
Global Ticket Giant Hacked: Attackers Accessed Customers Data
A Global Ticketing Giant company, See Tickets, recently reported a data breach that exposed the payment card information of over 300,000 customers. See Tickets, owned by Vivendi…
Threat Actors Alter DGA Patterns to Improve C2 Communication
A Domain Generation Algorithm (DGA) creates numerous domain names, serving as meeting points for malware C&C servers. DGAs help malware evade security measures by generating…
Multiple ArubaOS Vulnerabilities – Attackers Execute Arbitrary Code
Multiple vulnerabilities have been discovered in Aruba 9200 and 9000 Series Controllers and Gateways running ArubaOS. The vulnerabilities related to Buffer Overflow and Hardware Root…
Researchers Pre-trained LLM Agents Acting as Human Penetration Testers
LLMs have already shown their exceptional abilities in mimicking human text abilities, but their potential reaches further. They now show promise in planning and open-world…