Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)
A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability…
Author: Cybernoz
Gartner Highlights Cyble In 2024 Hype Cycle For Managed IT Services
Gartner highlights Cyble as a sample vendor in the Gartner® Hype Cycle™ for Managed IT Services, 2024, according to a report published by Gartner on July…
Hackers’ Toolkit Exposed, Wide Range of Tools From Initial Access to Full Control
Cybersecurity researchers have discovered an extensive hacker toolkit, revealing a comprehensive set of tools designed for various stages of cyberattacks. The toolkit, found in an…
Google’s Quick Share Vulnerabilities Let Attackers Execute Remote Code
By reverse-engineering Quick Share’s proprietary communication protocol, researchers uncovered multiple vulnerabilities, including unauthorized file writes, forced Wi-Fi connections, directory traversal, and denial-of-service conditions. These flaws…
Resecurity unveils new AI-driven Fraud Prevention Platform
Resecurity unveiled its advanced AI-driven Fraud Prevention Platform. This versatile solution is engineered to combat fraud across banking, virtual asset service providers (VASPs), gambling, e-commerce,…
Amazon Customer In India Alleges Data Breach After Fake Orders
An Amazon customer in India has raised concerns about a potential data breach at Amazon after receiving duplicate orders and fake products. The customer, through…
EastWind campaign targets Russian organizations with sophisticated backdoors
EastWind campaign targets Russian organizations with sophisticated backdoors Pierluigi Paganini August 12, 2024 A campaign tracked as EastWind is targeting Russian government and IT organizations…
Vulnerabilities in AWS Lets Attackers To Gain Full-Service Takeover
Researchers from Aqua identified critical vulnerabilities in six Amazon Web Services (AWS): CloudFormation, Glue, EMR, SageMaker, ServiceCatalog, and CodeStar. These vulnerabilities varied in severity, potentially…
A week in security (August 5 – August 11)
Last week on Malwarebytes Labs: Last week on ThreatDown: Stay safe! Our business solutions remove all remnants of ransomware and prevent you from getting reinfected.…
Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks
Aug 12, 2024Ravie LakshmananOperational Technology / Network Security Security vulnerabilities have been disclosed in the industrial remote access solution Ewon Cosy+ that could be abused…
Qualcomm’s Adreno GPU Vulnerabilities Affect Billions of Android Devices
Google researchers have identified critical security vulnerabilities within Qualcomm’s Adreno GPU, potentially affecting billions of Android devices globally. If exploited, these vulnerabilities could lead to…
Forrester: Rethink your software asset management practices
Software asset management (SAM) has evolved from simple back-office record-keeping to more complex licence and contract management that integrates innovative technologies such as artificial intelligence…