Kubernetes Image Builder Flaw Let Attackers Gain Root Access to VMs
The Kubernetes Security Response Committee has disclosed two critical vulnerabilities in the Kubernetes Image Builder that could allow attackers to gain root access to virtual…
Category: CyberSecurityNews
90+ 0-Days, 40+ N-Days Exploited In The Wild
Hackers exploit security vulnerabilities in the wild primarily to gain ‘unauthorized access to systems,’ ‘steal sensitive data,’ and ‘disrupt services.’ These vulnerabilities often arise from…
Authorities Takendown Sipulitie Dark Web Marketplace
Finnish Customs, in collaboration with the Swedish Police, has successfully shut down the Sipulitie dark web marketplace. This site, operating on the encrypted Tor network…
CISA Warns of Three Vulnerabilities Actively Exploited in the Wild
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding three critical vulnerabilities currently exploited in the wild. These vulnerabilities affect widely…
Microsoft Dataverse Authentication Flaw Let Attackers Escalate Privileges
A critical security vulnerability in Microsoft Dataverse has been discovered, allowing authorized attackers to elevate their privileges over a network. The flaw, identified as CVE-2024-38139,…
Chrome 130 Released with Fix for 17 Security Flaws
Google has released Chrome 130, addressing 17 security vulnerabilities in the popular web browser. This latest update, version 130.0.6723.58/.59 for Windows and Mac and 130.0.6723.58…
What is Business Continuity Plan? How it Works!
Businesses face an array of potential disruptions that can threaten their operations. From natural disasters to cyberattacks, maintaining business functions during unforeseen events is crucial.…
SideWinder APT Hackers Added New Post-Exploitation Toolkit to Their Arsenal
Security researchers at Kaspersky have uncovered a significant expansion in the capabilities of the SideWinder advanced persistent threat (APT) group. In a report published on…
Hackers Using Bitbucket Code Hosting Platform To Host Malicious Payloads
Cybersecurity researchers have uncovered a sophisticated malware campaign exploiting Bitbucket, a popular code hosting platform, to deliver dangerous payloads to unsuspecting victims. The attackers are…
Leeds Equity Partners Acquires Cybersecurity Training Firm OffSec
Leeds Equity Partners (“Leeds Equity”) announced today that it has acquired OffSec (the “Company”), the leading provider of continuous cybersecurity workforce development training and professional…
Why Traditional Correlation Rules Aren’t Enough for Your SIEM
If you’re managing an SIEM (Security Information and Event Management) system, you know how vital centralized threat detection is. SIEM collects and analyzes data from…
Hackers Abuse EDRSilencer Red Team Tool To Evade Detection
EDRSilencer is a tool designed to enhance data privacy and security by “silencing” or “blocking” unwanted data transmissions from endpoints. The tool is likely used…