QakBot Exploiting Windows Zero-Day To Gain System Privileges
In April 2024, security researchers revisited CVE-2023-36033, a Windows DWM Core Library elevation of privilege vulnerability that was previously discovered and exploited in the wild.…
Month: May 2024
FSCAC Appointment Includes Chair And Three Members
Josh Krueger, the Chief Information Security Officer at Project Hosts, Inc. has been appointed to the Federal Secure Cloud Advisory Committee (FSCAC). This prestigious committee…
Google fixes third actively exploited Chrome zero-day in a week
Google has released a new emergency Chrome security update to address the third zero-day vulnerability exploited in attacks within a week. “Google is aware that…
Hackers Exploiting Quick Assist Tool To Deliver Ransomware
Hackers often target remote assist tools because they create a direct channel to access desired systems with minimum effort. These tools have been built for…
Public Sector IT is Broken: Turning the System Back On
Today’s IT services within public sector organisations are not adequate for their intended purpose anymore. Security breaches frequently make headlines. Downtime disrupts services and productivity.…
Apple Has Terminated 370 M+ developer & Customer Accounts
The App Store will close over 370 million developer and customer accounts in 2023. Apple takes this move to fight fraud and provide a safe…
Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines
Security researchers have disclosed almost a dozen security flaws impacting the GE HealthCare Vivid Ultrasound product family that could be exploited by malicious actors to…
New WiFi Vulnerability Paves Ways For SSID Confusion Attack
A new WiFi vulnerability is reportedly leading users to a SSID confusion attack. The vulnerability has been identified in the very fabric of the IEEE…
Earth Hundun Hacker Group Employs Advanced Tactics
Earth Hundun, a notable Asia-Pacific malware organization, uses Waterbear and Deuterbear. We first encountered Deuterbear in Earth Hundun’s arsenal in October 2022, signaling its implementation.…
Vmware Workstation AND Fusion Flaws Let Attackers Execute Arbitrary Code
Multiple security flaws affecting VMware Workstation and Fusion have been addressed by upgrades published by VMware. If these vulnerabilities are successfully exploited, attackers may be…
MediSecure Data Breach Confirms Access To Health Information
A ransomware attack has compromised MediSecure, a leading Australian script provider facilitating electronic prescribing and dispensing of prescriptions. The MediSecure data breach was reported by…
a data breach at a third-party provider impacted customers and employees
Santander: a data breach at a third-party provider impacted customers and employees Pierluigi Paganini May 16, 2024 The Spanish bank Santander disclosed a data breach…