CrowdStrike Publishes Technical Root Cause Analysis of Faulty Falcon Update
Cybersecurity giant CrowdStrike has released a comprehensive technical root cause analysis detailing the events that led to a problematic Falcon sensor update on July 19,…
Category: CyberSecurityNews
Hackers Hijack Anti-Virus Software Using SbaProxy Hacking Tool
Researchers from LevelBlue Labs have uncovered a new tactic threat actors employ to hijack legitimate anti-virus software for malicious purposes. This sophisticated attack leverages a…
Samsung Announces $1 Million Rewards for Arbitrary Code Execution Vulnerabilities
Samsung has significantly increased its bug bounty program as part of its ongoing efforts to enhance mobile security. The tech giant is now offering rewards…
Western Digital’s Discovery App Vulnerability Allows Code Execution
The Western Digital Discovery app, a well-known provider of storage devices, has a vulnerability identified as CVE 2024-22169 with a CVSS base score of 7.1…
Network Admins Beware! SharpRhino Ransomware Attacking Mimic as Angry IP Scanner
Hunters International has deployed a novel C# malware dubbed SharpRhino as an initial infection vector and persistent Remote Access Trojan (RAT). Delivered through a typosquatting…
Google Patches Actively Exploited Android Kernel Zero-Day Patched
The Android Security Bulletin for August 2024 details vulnerabilities addressed by the 2024-08-05 security patch level. The most critical issue is a high-severity vulnerability in…
New Threat Detection Model Detects Threats in Serverless Cloud
Researchers have introduced a novel threat detection model designed specifically for serverless cloud environments. This innovative approach leverages cloud providers’ native monitoring tools to detect…
Jfrog Artifactory Flaw Let Attackers Poison Artifact Caches
A critical vulnerability identified as CVE-2024-6915 has been discovered in JFrog Artifactory, a widely used repository manager. This flaw, categorized under CWE-20 (Improper Input Validation),…
Apache OFBiz Zero-Day Vulnerability Let Attackers Execute Remote Code
A critical zero-day vulnerability in Apache OFBiz, an open-source enterprise resource planning (ERP) system, has been discovered that could allow unauthenticated attackers to execute arbitrary…
Bloody Wolf Attacking Organizations With $80 Malware From Underground Market
Cybersecurity experts have uncovered a series of attacks targeting organizations in Kazakhstan by a threat actor dubbed “Bloody Wolf.” The group utilizes STRRAT, an inexpensive…
Leaked Wallpaper Exploit Let Attackers Escalate Privilege on Windows Systems
A critical security flaw in Windows’ wallpaper handling mechanism has been uncovered. It allows attackers to gain system-level privileges on affected machines. Security researcher Andrea…
APT41 Attacking Research Institute with ShadowPad & Cobalt Strike
Cisco Talos has unearthed a sophisticated cyber-espionage campaign targeting a Taiwanese government-affiliated research institute. The attack, attributed to the notorious Chinese hacking group APT41, involved…