CISA Warns of Hackers Exploiting Cisco Smart Install Feature
Attackers obtain system configuration files by taking advantage of software or protocols that are installed on devices, such as by abusing the legacy Cisco Smart…
Author: Cybernoz
Google Researchers Found Nearly a Dozen Flaws in Popular Qualcomm Software for Mobile GPUs
Demand for graphics processing units or GPUs has exploded in recent years as video rendering and artificial intelligence systems have expanded the need for processing…
North Korean Kimusky Group Attacking University Professors
Kimsuky, a North Korean APT group, employs targeted phishing campaigns, leveraging DMARC exploitation to conceal social engineering, infiltrate university networks, and steal research for the…
Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers
Aug 09, 2024Ravie LakshmananCloud Security / Data Protection Cybersecurity researchers have discovered multiple critical flaws in Amazon Web Services (AWS) offerings that, if successfully exploited,…
Kubernetes at 10: CRDs at core of extensible, modular storage in K8s
Kubernetes is 10! Mid-2024 sees the 10th birthday of the market-leading container orchestration platform. Xing Yang, cloud-native storage tech lead at VMware by Broadcom, started working…
Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs
An ongoing and widespread malware campaign force-installed malicious Google Chrome and Microsoft Edge browser extensions in over 300,000 browsers, modifying the browser’s executables to hijack homepages…
Critical XSS Vulnerability In Roundcube Let Attackers Execute Arbitrary Code
Roundcube, a widely adopted open-source webmail application, is included by default in the popular cPanel web hosting control panel, leading to millions of installations worldwide. …
Iranian Hackers Targeting 2024 US Election Campaigns
Microsoft has released a report detailing Iran’s efforts to influence the upcoming 2024 US presidential election. The report highlights the increasing activity of groups linked…
The Security Interviews: Google’s take on confidential computing
Among the arms races taking place in the public cloud is one focused on providing the most trusted environment for hosting applications and data. It…
Microsoft discloses Office zero-day, still working on a patch
Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. Tracked as CVE-2024-38200, this security flaw…
Threat Actors Hijacking Websites To Deliver .NET Based Malware
Clearlake is a cyber threat operation that distributes fake antivirus software to make users perceive their system as infected. Sometimes, malicious software can be designed…
How Hackers Extracted the ‘Keys to the Kingdom’ to Clone HID Keycards
Finally, HID says that “to its knowledge,” none of its encoder keys have leaked or been distributed publicly, and “none of these issues have been…