Chinese Hacker Charged for Hacking 81,000+ Firewalls Worldwide
The cybersecurity firm Sichuan Silence and one of its employees, Guan Tianfeng, have been sanctioned by the Department of the Treasury’s Office of Foreign Assets…
Category: CyberSecurityNews
Microsoft Office & Excel Vulnerabilities Expose Systems To RCE & Privilege Escalation
Microsoft disclosed two significant vulnerabilities affecting its Office and Excel products as part of its December Patch Tuesday updates. These vulnerabilities tracked as CVE-2024-49059 and…
Windows Remote Desktop Services Vulnerability Let Attackers Execute Remote Code
On December 10, 2024, Microsoft disclosed a critical vulnerability in its Windows Remote Desktop Services, tracked as CVE-2024-49115. This security flaw allows attackers to execute…
LDAP Clinet Vulnerability Let Attackers Gain Vulnerable System Access Remotely
A newly disclosed critical vulnerability, identified as CVE-2024-49124, has been classified as a Remote Code Execution (RCE) flaw with a severity rating of Critical by…
Hackers Exploiting HTML Functions to Bypass Email Security Filters
Cybercriminals increasingly leverage sophisticated HTML techniques to circumvent email security filters, putting users and organizations at greater risk of falling victim to phishing attacks. These…
Multiple Ivanti CSA Vulnerabilities Let Attackers Bypass Admin Web Console Remotely
Ivanti has released crucial security updates to address multiple vulnerabilities in its Cloud Services Application (CSA) software, including critical flaws that could allow attackers to…
Chrome Security Update, Patch for 3 High-severity Vulnerabilities
Google has released a critical security update for its Chrome browser, addressing three high-severity vulnerabilities that could potentially expose users to significant risks. The latest…
Windows Common Log File System Zero-day (CVE-2024-49138) Exploited in the Wild
A new high-severity security vulnerability, CVE-2024-49138, has been identified as a zero-day in the Windows Common Log File System (CLFS) Driver. Microsoft confirmed that this…
Microsoft December 2024 Patch Tuesday
Microsoft released a security as part of the December Patch Tuesday that addressed 72 vulnerabilities, including 30 classified as critical Remote Code Execution (RCE) vulnerabilities.…
Cleo Zero-Day RCE Vulnerability Actively Exploited in the Wild
A critical zero-day vulnerability (CVE-2024-50623) in Cleo’s file transfer products Harmony, VLTrader, and LexiComis being actively exploited by threat actors, cybersecurity researchers have warned. The…
Web Apps and Admin Center Goes Offline
Microsoft is investigating a widespread outage that disrupted access to Microsoft 365 web applications and the Microsoft 365 admin center earlier today. The issue affected…
Chinese Hackers Using Visual Studio Code Tunnels & RDP To Gain Remote Access
In a sophisticated cyber-espionage campaign dubbed ‘Operation Digital Eye,’ suspected Chinese state-backed hackers targeted major business-to-business IT service providers across Southern Europe between late June…