BIND DNS Server Vulnerability Lets Attackers Flood Server
The Internet Systems Consortium (ISC) has released critical security advisories addressing multiple vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 software, a cornerstone of…
Category: CyberSecurityNews
ERP Provider Exposes 769 Million Records, Including API Keys And Email Addresses
A massive data breach involving ClickBalance, one of Mexico’s largest Enterprise Resource Planning (ERP) technology providers, has been uncovered by cybersecurity researcher Jeremiah Fowler. The…
LiteSpeed Cache Plugin Flaw Let Attackers Inject Malicious Code
The popular LiteSpeed Cache plugin for WordPress has been found vulnerable to a Cross-Site Request Forgery (CSRF) attack, which could potentially impact over 5 million…
Windows False File Immutability Vulnerability Let Attackers Execute Arbitrary Code
A new unnamed vulnerability class has been detected in the Windows 11 Kernel that could allow a threat actor to execute arbitrary code with Kernel…
Google Chrome 127 Released With Fix for Vulnerabilities
Google has announced the release of Chrome 127, which is now available on the Stable channel for Windows, Mac, and Linux. The new version, 127.0.6533.72/73…
CrowdStrike Details Incident Affected Millions of Windows Systems Worldwide
In a recent preliminary Post-Incident Review (PIR), cybersecurity firm CrowdStrike provided a detailed account of the events that led to a massive global IT outage…
KnowBe4 Hired North Korean IT Worker, Catches While Installing Malware
Security awareness and training provider KnowBe4 recently disclosed that it inadvertently hired a fake North Korean IT worker who attempted to install malware on a…
Telegram Zero-Day Vulnerability Exploited Using Malicious Video Files
ESET researchers recently discovered a critical zero-day vulnerability in the Telegram messaging app for Android, potentially exposing millions of users to malicious attacks. The exploit,…
Play Ransomware Variant Attacking Linux ESXi Servers
Since ESXi servers host multiple virtual machines, which attract the threat actors most, a successful breach of these servers could enable threat actors to gain…
Top Phishing Campaigns in July 2024
July saw a new influx of phishing and malware campaigns. The analyst team at ANY.RUN sandbox is closely monitoring all developments in the threat landscape…
Beware Of Braodo Stealer That Steals Users’ Login Credentials
Stealers are one of the most used malicious tools that is used by threat actors. As such tools enable hackers to obtain sensitive information such…
IPFire Unveils New Feature to Protect Systems from SYN Flood Attacks
IPFire, a well-known open-source firewall solution, has introduced a new feature to protect systems from SYN Flood attacks, enhancing cybersecurity defenses. This enhancement aims to…