Ransomware Actor Exploited CoinMiner Attacker’s Proxy Server
Hackers can hide their names and access blocked websites or networks by using proxy servers, which help make these systems anonymous. Compromised proxy servers can…
Category: CyberSecurityNews
Hackers Attack ThinkPHP By Injecting Payload From Remote Servers
Threat actors are constantly evolving their TTPs and developing new malicious tools to execute their activities. Recently, Akamai researchers have noted a concerning trend of…
Critical PHP Remote Code Execution Flaw let Attackers Inject Malicious Scripts
The widely used PHP programming language has been discovered with a new remote code execution vulnerability deemed critical severity. Further, this vulnerability is related to…
Huge Surge in Attacks Exploiting Check Point VPN Zero-Day Vulnerability
Check Point published an advisory regarding a critical vulnerability, CVE-2024-24919, which has since seen a surge in exploitation attempts. The vulnerability, rated with a CVSS…
Microsoft to Disable NTLM, Transition to Kerberos Authentication
Microsoft has made an announcement regarding the gradual phasing out of all versions of NTLM (NT LAN Manager). This decision is part of Microsoft’s ongoing…
PoC Exploit Released for Severity Apache HugeGraph RCE flaw
A proof-of-concept (PoC) exploit has been released for a high-severity Remote Code Execution (RCE) vulnerability in the Apache HugeGraph Server. This vulnerability, identified as CVE-2024-27348,…
Cisco Finesse Vulnerabilities Let Attackers Perform XSS Attack
Cisco has issued a security advisory detailing multiple vulnerabilities in Cisco Finesse’s web-based management interface. These vulnerabilities, identified as CVE-2024-20404 and CVE-2024-20405, could allow unauthenticated,…
Chrome Introduced Shared Memory Versioning
Google Chrome recently implemented Shared Memory Versioning, improving its speed through more effective cookie handling. This upgrade improves Chrome and other Chromium-powered browsers like Microsoft…
Commando Cat Attacking Docker remote API servers to Deploy Crypto Miners
A campaign dubbed “Commando Cat” has been observed exploiting exposed Docker remote API servers to deploy cryptocurrency miners. This campaign, active since the beginning of…
RansomHub Raas Emerges As The Most Largest Ransomware Group
The lucrative business model and the simplicity of running Ransomware-as-a-Service (RaaS) are driving rapid evolution and adoption. Threat actors go for RaaS as it eliminates…
Kiosk Mode Bypass Flaw On Hotel Check-in Terminal Leaks
A new vulnerability has been discovered in Ariane Allegro Scenario Player in a Kiosk mode that could allow threat actors to bypass the Kiosk mode…
Hackers Exploiting MS-SQL Servers To Attack Windows Server
MS-SQL Servers contain a multitude of sensitive information, which is why hackers often target them, enabling them to access critically important systems. Exploiting these servers’…