Google Patches Actively Exploited Android Kernel Zero-Day Patched
The Android Security Bulletin for August 2024 details vulnerabilities addressed by the 2024-08-05 security patch level. The most critical issue is a high-severity vulnerability in…
Category: CyberSecurityNews
New Threat Detection Model Detects Threats in Serverless Cloud
Researchers have introduced a novel threat detection model designed specifically for serverless cloud environments. This innovative approach leverages cloud providers’ native monitoring tools to detect…
Jfrog Artifactory Flaw Let Attackers Poison Artifact Caches
A critical vulnerability identified as CVE-2024-6915 has been discovered in JFrog Artifactory, a widely used repository manager. This flaw, categorized under CWE-20 (Improper Input Validation),…
Apache OFBiz Zero-Day Vulnerability Let Attackers Execute Remote Code
A critical zero-day vulnerability in Apache OFBiz, an open-source enterprise resource planning (ERP) system, has been discovered that could allow unauthenticated attackers to execute arbitrary…
Bloody Wolf Attacking Organizations With $80 Malware From Underground Market
Cybersecurity experts have uncovered a series of attacks targeting organizations in Kazakhstan by a threat actor dubbed “Bloody Wolf.” The group utilizes STRRAT, an inexpensive…
Leaked Wallpaper Exploit Let Attackers Escalate Privilege on Windows Systems
A critical security flaw in Windows’ wallpaper handling mechanism has been uncovered. It allows attackers to gain system-level privileges on affected machines. Security researcher Andrea…
APT41 Attacking Research Institute with ShadowPad & Cobalt Strike
Cisco Talos has unearthed a sophisticated cyber-espionage campaign targeting a Taiwanese government-affiliated research institute. The attack, attributed to the notorious Chinese hacking group APT41, involved…
Threat Actor Groups Using Leaked Ransomware Variants To Launch Attacks
Ransomware operators often acquire malware through purchases on the dark web, group affiliations, and leaked source codes rather than developing themselves. They target victims by…
4.6 Million Voter Database & Election Documents Exposed Online
Cybersecurity researcher Jeremiah Fowler discovered and reported to VpnMentor about 13 non-password-protected databases containing 4.6 million documents, including sensitive voter records and election-related documents. This…
Secure Model That Addresses Security And Downsides Of DNSSEC
The communication between DNS recursive resolvers and authoritative nameservers is largely unsecured, making it susceptible to on-path and off-path attacks. Though many security proposals have…
Rockwell Automation Devices Flaw Let Hackers Gain Unauthorized Access
A critical security vulnerability in Rockwell Automation’s ControlLogix and GuardLogix controllers has been discovered. This vulnerability could potentially allow attackers to bypass security measures and…
Critical Vulnerability in Digital Video Recorders Exposes 400,000 Devices
Multiple digital Video Recorder (DVR) devices have been identified with a critical security vulnerability, leaving over 408,000 units exposed to potential cyber-attacks. The flaw, primarily affecting models…