Internal Chats of a Conti Ransomware Group Exposed
RaaS (Ransomware-as-a-service) is actively strengthening the ransomware attacks, but understanding their operations is restricted by illegality. That’s why ransomware attacks...
Read more →Author: Cybernoz
Cacti XSS Vulnerability Let Attacker Poison Database
A Stored Cross-Site Scripting (Stored XSS) vulnerability was recently discovered in Cacti that allows an authenticated user to poison the data...
Read more →
Global Ticket Giant Hacked: Attackers Accessed Customers Data
A Global Ticketing Giant company, See Tickets, recently reported a data breach that exposed the payment card information of over 300,000 customers....
Read more →
Threat Actors Alter DGA Patterns to Improve C2 Communication
A Domain Generation Algorithm (DGA) creates numerous domain names, serving as meeting points for malware C&C servers. DGAs help malware...
Read more →
Multiple ArubaOS Vulnerabilities – Attackers Execute Arbitrary Code
Multiple vulnerabilities have been discovered in Aruba 9200 and 9000 Series Controllers and Gateways running ArubaOS. The vulnerabilities related to...
Read more →
Researchers Pre-trained LLM Agents Acting as Human Penetration Testers
LLMs have already shown their exceptional abilities in mimicking human text abilities, but their potential reaches further. They now show...
Read more →
SSO Implementation Vulnerability In Cisco Broadworks
A single sign-on (SSO) implementation flaw in the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform might...
Read more →
iPhone Zero-Day Exploited in the Wild to Install Malware
Researchers discovered an actively exploited zero-click vulnerability that was part of an exploit chain aimed at deploying NSO Group’s Pegasus...
Read more →
Apple Discloses 2 Zero-Day Flaws Exploited to Hack iPhones & Mac
Two Zero-Day flaws have been discovered on Apple Devices affecting macOS, iOS, and iPadOS. The vulnerabilities involve an arbitrary code...
Read more →
Google rolls out Privacy Sandbox to use Chrome browsing history for ads
Google has started to roll out its new interest-based advertising platform called the Privacy Sandbox, shifting the tracking of user’s...
Read more →
Cisco Identity Services Engine Flaw Let Attacker Trigger DoS Condition
Cisco addressed high-impact vulnerability CVE-2023-20243 in the Cisco Identity Services Engine (ISE), allowing attackers to stop processing Radius packets. This vulnerability,...
Read more →
Hackers Steal NTLMv2 Hashes using Custom Powershell Scripts
A new sophisticated stealing campaign named “Steal-It” has been discovered that exfiltrates NTLMv2 hashes using customized versions of Nishang’s Start-CaptureServer...
Read more →