Organization Hacked by North Korean IT Worker, Remote Hiring Gone Wrong
A recent cyberattack has highlighted the growing threat of North Korean operatives infiltrating Western companies by posing as remote IT workers. An unidentified firm based…
Category: CyberSecurityNews
North Korean Hackers Exploit Zero-Day Flaw In Internet Explorer
A joint report by AhnLab Security Emergency response Center (ASEC) and the National Cyber Security Center (NCSC) has revealed a new zero-day vulnerability (CVE-2024-38178) in…
Multiple Flaws Impacting Boot Chain Of Samsung Devices
The Android boot chain initiates with the “Boot ROM,” which initializes the “bootloader.” The bootloader then loads the kernel, which is responsible for managing system resources…
Linux System ‘noexec’ Mount Flag Bypass Allows Malicious Code Execution
A recent discovery in the Linux ecosystem has unveiled a method to bypass the ‘noexec’ mount flag, enabling malicious code execution on systems that were…
Critical Oracle Security Update, 334 Vulnerabilities Patched
Oracle has released its October 2024 Critical Patch Update (CPU), addressing a staggering 334 security vulnerabilities across its vast product portfolio. This quarterly update, the…
Kubernetes Image Builder Flaw Let Attackers Gain Root Access to VMs
The Kubernetes Security Response Committee has disclosed two critical vulnerabilities in the Kubernetes Image Builder that could allow attackers to gain root access to virtual…
90+ 0-Days, 40+ N-Days Exploited In The Wild
Hackers exploit security vulnerabilities in the wild primarily to gain ‘unauthorized access to systems,’ ‘steal sensitive data,’ and ‘disrupt services.’ These vulnerabilities often arise from…
Authorities Takendown Sipulitie Dark Web Marketplace
Finnish Customs, in collaboration with the Swedish Police, has successfully shut down the Sipulitie dark web marketplace. This site, operating on the encrypted Tor network…
CISA Warns of Three Vulnerabilities Actively Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding three critical vulnerabilities currently exploited in the wild. These vulnerabilities affect widely…
Microsoft Dataverse Authentication Flaw Let Attackers Escalate Privileges
A critical security vulnerability in Microsoft Dataverse has been discovered, allowing authorized attackers to elevate their privileges over a network. The flaw, identified as CVE-2024-38139,…
Chrome 130 Released with Fix for 17 Security Flaws
Google has released Chrome 130, addressing 17 security vulnerabilities in the popular web browser. This latest update, version 130.0.6723.58/.59 for Windows and Mac and 130.0.6723.58…
What is Business Continuity Plan? How it Works!
Businesses face an array of potential disruptions that can threaten their operations. From natural disasters to cyberattacks, maintaining business functions during unforeseen events is crucial.…