Chrome Security Update Patches Critical Remote Code Execution Vulnerability
Google has issued an urgent security update for the Chrome browser on Windows, Mac, and Linux, addressing a critical vulnerability that could allow attackers to…
Category: CyberSecurityNews
New RatOn Takes Control Over Bank Account and Initiates Automated Money Transfers
Cybersecurity researchers have observed the emergence of a novel Android banking trojan, RatOn in recent months that seamlessly combines remote access capabilities with NFC relay…
Microsoft Anti-Spam Bug Blocks Users From Opening URLs in Exchange Online and Teams
A widespread issue with Microsoft’s anti-spam filtering service is preventing some Exchange Online and Microsoft Teams users from opening URLs, disrupting workflows across organizations. The…
How to Enrich Alerts with Live Attack Data from 15K SOCs
Every SOC analyst knows the frustration. Your SIEM generates hundreds, sometimes thousands of alerts daily. Each alert demands attention, but with limited time and resources,…
Critical Ivanti Endpoint Manager Vulnerabilities Let Attackers Execute Remote Code
Ivanti has released security updates to address two high-severity vulnerabilities in its Endpoint Manager (EPM) software that could allow remote code execution. The vulnerabilities, tracked…
Beware of Phishing Email from Kimusky Hackers With Subject Spetember Tax Return Due Date Notice
A new wave of phishing attacks purporting to originate from South Korea’s National Tax Service has emerged, leveraging familiar electronic document notifications to trick recipients…
FortiDDoS OS Command Injection Vulnerability Let Attackers Execute Unauthorized Commands
Fortinet has disclosed a medium-severity vulnerability in its FortiDDoS-F product line that could allow a privileged attacker to execute unauthorized commands. Tracked as CVE-2024-45325, the…
Salat Stealer Exfiltrates Browser Credentials Via Sophisticated C2 Infrastructure
Salat Stealer has emerged as a pervasive threat targeting Windows endpoints with a focus on harvesting browser-stored credentials and cryptocurrency wallet data. First detected in…
Police Body Camera Apps Sending Data to Cloud Servers Hosted in China Via TLS Port 9091
Police-issued body cameras have become ubiquitous tools for recording law enforcement encounters, yet a recent investigation has uncovered troubling design choices in a budget-friendly system…
U.S. Treasury Sanctions Scam Centers in Southeast Asia that Steal Billions
The U.S. Department of the Treasury has unveiled a sweeping sanctions campaign against a network of cyber scam centers across Southeast Asia that collectively stole…
How a Faulty Windows Driver Can Cause a System Crash and Blue Screen of Death
A recent analysis of a Windows kernel-memory dump has provided a detailed look into a DRIVER_POWER_STATE_FAILURE, a critical error that results in a Blue Screen…
New Malware Attack Leveraging Exposed Docker APIs to Maintain Persistent SSH Root Access
A sophisticated malware strain targeting exposed Docker APIs has emerged with enhanced infection capabilities that go beyond traditional cryptomining operations. The threat, discovered in August…