What is Access Matrix?
Access control is fundamental to operating system (OS) security. It ensures that only authorized processes can perform specific actions on system resources. One key tool…
Category: CyberSecurityNews
Researchers Unpacked ViperSoftX Malware’s Evasion Tactics And Techniques
Sophisticated threat actors, like those behind the ViperSoftX malware from 2020, often make use of existing tools to save time and resources. ViperSoftX uses AutoIt,…
RomCom Group Exploiting Microsoft Office 0-day To Deploy Ransomware
The Russian group RomCom, dubbed Storm-0978, distributes underground ransomware by leveraging the Microsoft Office and Windows HTML RCE zero-day vulnerability identified as CVE-2023-36884. This ransomware…
New Emansrepo Malware Weaponizing HTML Files To Attack Windows Users
Emansrepo is a Python infostealer that was discovered by the FortiGuard Labs in August 2024 and has been disseminated through phishing emails containing fake purchase…
Threat Actor Allegedly Claims Leak of BMW Customer Database
A well-known threat actor identified as “888” has claimed responsibility for leaking sensitive customer data belonging to BMW Hong Kong. According to the Breachforums post,…
Zyxel Critical Vulnerability Let Attackers perform OS command injection
Zyxel has issued patches to address a critical operating system (OS) command injection vulnerability identified as CVE-2024-7261. This vulnerability affects several versions of their access…
Android Zero-Day Elevation of Privilege vulnerability Patched
Google has released a patch for a critical zero-day vulnerability, CVE-2024-32896, which was actively exploited in the wild. This vulnerability, classified as a high-severity elevation…
YubiKeys cryptographic Flaw Let Attackers Clone Devices by Extracting Secret Key
Security researchers have uncovered a significant vulnerability in YubiKeys, specifically targeting the YubiKey 5 Series. This vulnerability, identified as a side-channel attack, allows attackers to…
PoC Exploit Released for 0-Day Windows Kernel Privilege Escalation Vulnerability
A proof-of-concept (PoC) exploit has been publicly released for a critical zero-day elevation of privilege vulnerability in the Windows kernel. The flaw, tracked as CVE-2024-38106,…
Blackwired Launches ThirdWatch℠, A Paradigm Shift in Cybersecurity
Blackwired, the leading cyber observatory for disruptive cybersecurity technologies, has announced the launch of ThirdWatch℠, a groundbreaking solution to identify direct threats facing an organization…
Website Operators Arrested for Running an MFA Bypass Site
Three men have pleaded guilty to operating a website that enabled criminals to bypass banking anti-fraud checks, leading to significant financial losses for unsuspecting victims.…
D-Link Declines to Patch RCE Vulnerabilities That Affected End-of-Life Routers
A significant security vulnerability has been reported in the DAP-2310, specifically affecting Hardware Revision A with Firmware version 1.16RC028. Hahna Latonick of Dark Wolf Solutions…