Mitel MiCollab zero-day flaw gets proof-of-concept exploit
Researchers have uncovered an arbitrary file read zero-day in the Mitel MiCollab collaboration platform, allowing attackers to access files on a server’s filesystem. Mitel MiCollab…
Month: December 2024
WordPress Gutenberg Editor Vulnerability Let Attackers Inject Malicious Scripts
A newly disclosed vulnerability in the Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress has raised concerns among website administrators…
Cisco NX-OS Flaw Let Attackers Bypass Image Signature Verification
A critical vulnerability has been identified in the bootloader of Cisco NX-OS Software, potentially allowing attackers to bypass image signature verification. This flaw, which affects…
Beyond Compliance: CMMC 2.0 and the New Era of Cybersecurity for the Defense Industry
With a growing trend of cyber threats and vulnerabilities in the defense sector and an estimated $600 billion in intellectual property theft annually, the Department…
This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges
Dec 05, 2024Ravie LakshmananCryptocurrency / Mobile Security As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly…
The Dumbest Thing In Security: Stupid Hacker Threats
Pro tip for hackers: Don’t threaten people whose specialty is uncovering the identity of cybercriminals. That mistake apparently led to the October arrest of Alexander…
‘Large number’ of Americans’ metadata stolen by Salt Typhoon hackers – Security – Telco/ISP
A large number of Americans’ metadata has been stolen in the sweeping cyberespionage campaign carried out by a Chinese hacking group dubbed “Salt Typhoon,” a…
How AI Can Help Analysts Focus on High-Value Tasks
Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks Pierluigi Paganini December 05, 2024 SOC analysts, vital to cybersecurity, face burnout due…
Latrodectus malware and how to defend against it with Wazuh
Latrodectus is a versatile malware family that employs advanced tactics to infiltrate systems, steal sensitive data, and evade detection. Named after the black widow spider…
U.S. Organization In China Attacked By China-Based Hackers
A large U.S. organization with significant operations in China fell victim to a sophisticated cyber attack, likely orchestrated by China-based hackers. The intrusion, which lasted…
ChatGPT Next Web vulnerability Let Attackers exploit endpoint to Perform SSRF
Researchers released a detailed report on a significant security vulnerability named CVE-2023-49785, affecting the ChatGPT Next Web, popularly known as NextChat. This vulnerability has raised…
The Hidden Threat of Legacy Systems: Lessons from a Massive Recent Data Breach
In an era where innovation often outpaces implementation, legacy systems remain a hidden yet significant threat to cybersecurity. A recent breach involving DemandScience, a business-to-business…