CyberSecurityNews

IBM Aspera Shares Vulnerability Let Attackers Login as Any User

IBM has disclosed a vulnerability in its Aspera Shares software, CVE-2023-38018. This flaw in user session handling could potentially allow attackers to impersonate any user…

August 12, 2024 Cybernoz 2 min read

CyberSecurityNews

ONNX Bot Tool Hijacks Microsoft 365 accounts & Even Bypass 2FA

Researchers have uncovered a sophisticated phishing marketplace, the ONNX Store, which provides cybercriminals with advanced tools to hijack Microsoft 365 accounts. Alarmingly, these tools include…

August 12, 2024 Cybernoz 3 min read

CyberSecurityNews

Sonos Smart Speaker Vulnerability Let Attackers Execute Remote Code

In the beginning of August 2024, Sonos released a security advisory in which they fixed two security vulnerabilities that were associated with Remote Code Execution.…

August 12, 2024 Cybernoz 4 min read

CyberSecurityNews

New Dark Skippy Attack Let Hackers Steal Secret Keys From Signing Device

The threat landscape is significantly evolving, and cybersecurity researchers are continuously developing new security mechanisms to mitigate such evolving and sophisticated threats. Cybersecurity researchers Lloyd…

August 12, 2024 Cybernoz 3 min read

CyberSecurityNews

Researchers Hacked Industrial Remote Access Gateway Tool to Gain Root Access

Security researchers have uncovered severe vulnerabilities in the Ewon Cosy+, a widely used industrial remote access gateway tool, allowing them to gain root access and…

August 12, 2024 Cybernoz 3 min read

CyberSecurityNews

Sumter County Sheriff’s Office Systems Hit by Rhysida Ransomware

The Sumter County Sheriff’s Office has been victim to a ransomware attack orchestrated by the criminal group Rhysida. The cyberattack has temporarily disrupted access to…

August 12, 2024 Cybernoz 2 min read

CyberSecurityNews

Hackers’ Toolkit Exposed, Wide Range of Tools From Initial Access to Full Control

Cybersecurity researchers have discovered an extensive hacker toolkit, revealing a comprehensive set of tools designed for various stages of cyberattacks. The toolkit, found in an…

August 12, 2024 Cybernoz 3 min read

CyberSecurityNews

Vulnerabilities in AWS Lets Attackers To Gain Full-Service Takeover

Researchers from Aqua identified critical vulnerabilities in six Amazon Web Services (AWS): CloudFormation, Glue, EMR, SageMaker, ServiceCatalog, and CodeStar. These vulnerabilities varied in severity, potentially…

August 12, 2024 Cybernoz 4 min read

CyberSecurityNews

Qualcomm’s Adreno GPU Vulnerabilities Affect Billions of Android Devices

Google researchers have identified critical security vulnerabilities within Qualcomm’s Adreno GPU, potentially affecting billions of Android devices globally. If exploited, these vulnerabilities could lead to…

August 12, 2024 Cybernoz 3 min read

CyberSecurityNews

Critical OpenSSH Vulnerability in FreeBSD Let’s Attackers Gain Root Access Remotely

A critical security vulnerability has been discovered in OpenSSH implementations on FreeBSD systems, potentially allowing attackers to execute remote code without authentication. The vulnerability, identified…

August 12, 2024 Cybernoz 2 min read

CyberSecurityNews

Microsoft Office Spoofing Vulnerability Let Attackers Steal Sensitive Data

Microsoft has disclosed a significant security vulnerability in its Office suite, identified as CVE-2024-38200, which could potentially allow attackers to access sensitive information. This spoofing…

August 10, 2024 Cybernoz 2 min read

CyberSecurityNews

Critical OpenVPN Vulnerabilities Expose Millions of Devices to RCE Attack

Microsoft researchers have recently uncovered multiple medium-severity vulnerabilities in OpenVPN, a widely used open-source VPN software. OpenVPN is used by thousands of companies across various…

August 10, 2024 Cybernoz 2 min read