LastPass is encrypting URLs used with Password Vaults
LastPass, a widely used password manager trusted by millions of consumers and businesses globally, has announced an upgrade to its security measures, the encryption of…
Category: CyberSecurityNews
End of VBScript! Microsoft Replacing it With Advanced Alternatives
Microsoft has officially announced the gradual deprecation of VBScript, with plans to replace it with more advanced alternatives such as JavaScript and PowerShell. The move…
WinRAR Flaw Let Attackers Deceive Users with ANSI Escape Sequences
A critical vulnerability has been discovered in WinRAR, a popular file compression and archiving utility for Windows. The flaw, tracked as CVE-2024-36052, affects WinRAR versions…
Detecting A Phishing Attack With Help Of Artificial Intelligence
Social engineering email attacks remain a threat despite commercial solutions and user training focused on identifying phishing indicators like urgency, unusual greetings, or inconsistent email…
GHOSTENGINE Malware Terminates EDR Agents That Interfere
Researchers discovered REF4578, an intrusion set that uses vulnerable drivers to disable established security solutions (EDRs) for crypto mining and deploys a malicious payload known…
Researchers Detailed How Letmeowin Harvest Credentials
Security researcher Meowmycks unveiled a new tool named LetMeowIn, designed to harvest credentials from the Local Security Authority Subsystem Service (LSASS) process on Microsoft Windows…
EPA Warns Of Cyber Attacks & Vulnerabilities In Water System
The U.S. Environmental Protection Agency (EPA) has sent an enforcement warning about the serious cyber threats and holes in community drinking water systems. The National…
Ivanti Endpoint Manager SQL Injection Flaw
Multiple vulnerabilities involving SQL injection have been identified in Ivanti Endpoint Manager. These vulnerabilities could potentially enable malicious actors to carry out various unauthorized actions,…
VMware Vulnerabilities Let Attackers Execute Code & Trigger DOS
VMware, a leading virtualization and cloud computing software provider, has issued patches for several critical and important vulnerabilities affecting its ESXi, Workstation, Cloud Foundation, and…
Rockwell Automation Warns to Disconnect Devices From Internet
Rockwell Automation has sent an urgent message to all of its customers because of rising geopolitical issues and hostile cyber activity worldwide. The company is…
Unauthenticated RCE Vulnerability in Fortinet FortiSIEM: PoC Published
A proof-of-concept (PoC) exploit has been released for a critical unauthenticated, remote code execution vulnerability in Fortinet FortiSIEM, tracked as CVE-2023-34992. The vulnerability, which has…
New Hijack Loader Attack Windows with Enhanced Anti-Evasion Capabilities
Security researchers from ANY.RUN have identified a new version of the Hijack Loader malware, which now boasts updated anti-evasion techniques. This development marks a significant…