Exim patches three of six zero-day bugs disclosed last week
Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro’s Zero Day Initiative (ZDI), one of them allowing unauthenticated…
Month: October 2023
New BunnyLoader threat emerges as a feature-rich malware-as-a-service
Security researchers discovered a new malware-as-a-service (MaaS) named ‘BunnyLoader’ advertised on multiple hacker forums as a fileless loader that can steal and replace the contents…
WS_FTP flaw CVE-2023-40044 actively exploited in the wild
WS_FTP flaw CVE-2023-40044 actively exploited in the wild Pierluigi Paganini October 02, 2023 Experts warn of threat actors actively exploiting CVE-2023-40044 flaw in recently disclosed…
Ransomware gangs now exploiting critical TeamCity RCE flaw
Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains’ TeamCity continuous integration and deployment server. The flaw (tracked as CVE-2023-42793 and tagged…
Sony hit again?, Taiwan Disinformation, Corporations Demand Hardcore Workers, and GPTVision Examples…
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original…
AWS Honeypot to Disrupt Threat Actors
In the realm of cybersecurity, the battle against threat actors never stops. With its vast cloud infrastructure, Amazon Web Services (AWS) is at the forefront…
Apache NiFi RCE Vulnerability – Attackers Exfiltrate Sensitive Data
The widely used data integration tool Apache NiFi has been discovered to be susceptible to a critical security flaw tracked as CVE-2023-34468 that might allow remote code execution.…
Hackers Bypass Cloudflare Firewall & DDoS using Cloudflare
Cloudflare, a prominent cybersecurity vendor renowned for its web protection services, faces a security challenge that could expose its customers to unforeseen risks. A recent…
Crypto Industry Lost $685 Million in Q3 2023, 30% by Lazarus Group
Crypto Security Experts at Barracuda Networks Subscribery Immunefi Warn of Increased Risk of Large-Scale Attacks, State-Backed Actors, and CeFi Targets. Immunefi, the Singapore-based leading blockchain…
Sony hit again?, Taiwan Disinformation, Corporations Demand Hardcore Workers, and GPTVision Examples…
Unsupervised Learning is a Security, AI, and Meaning-focused podcast that looks at how best to thrive as humans in a post-AI world. It combines original…
Exploit available for critical WS_FTP bug exploited in attacks
Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity vulnerability in Progress Software’s WS_FTP Server file sharing solution. Assetnote researchers…
New Android Banking Malware Pose as Government App
Cybercriminals continue making malware for profit, with a recent report uncovering ASMCrypt in underground forums related to the DoubleFinger loader. In the cybercrime landscape, researchers…