Bitdefender GravityZone Flaw Let Hackers Launch SSRF Attacks
Bitdefender has recently fixed a critical Server-Side Request Forgery (SSRF) vulnerability in its GravityZone Console On-Premise, known as CVE-2024-4177. This flaw, discovered in the host…
Category: CyberSecurityNews
Microsoft Made Changes to Recall Feature Following Controversial Security Concerns
Microsoft has announced significant updates to its new Recall feature for Copilot+ PCs, following a wave of security and privacy concerns raised by experts and…
Beware of Fake Chrome Update Pop-Ups that Installs Malware
In the ever-changing cybersecurity landscape, a persistent threat appears in the form of a fake Chrome update. Usually, these efforts involve injecting harmful code into…
Kimsuky APT Exploiting Facebook And MS Console For Targeted Attacks
Facebook and MS Console are often targeted by hackers, as they contain a lot of personal and sensitive data that can be used for identity…
270GB of New York Times Internal Data and Source Code Leaked
An anonymous hacker has claimed to have leaked 270 GB of internal data and source code from The New York Times (NYT) on the controversial…
Wineloader Mimic As Ambassador Of India To Start The Infection Chain
ARC Labs delved into the intricacies of the Wineloader backdoor, a sophisticated tool used in spearphishing campaigns linked to the notorious APT29 group, also known…
A New Tool that Extracts Dara From Windows 11 Recall Feature
Microsoft’s Windows Recall is a new feature for Copilot+ PCs, announced in May 2024. It takes periodic screenshots (every 5 seconds when screen content changes)…
Ransomware Actor Exploited CoinMiner Attacker’s Proxy Server
Hackers can hide their names and access blocked websites or networks by using proxy servers, which help make these systems anonymous. Compromised proxy servers can…
Hackers Attack ThinkPHP By Injecting Payload From Remote Servers
Threat actors are constantly evolving their TTPs and developing new malicious tools to execute their activities. Recently, Akamai researchers have noted a concerning trend of…
Critical PHP Remote Code Execution Flaw let Attackers Inject Malicious Scripts
The widely used PHP programming language has been discovered with a new remote code execution vulnerability deemed critical severity. Further, this vulnerability is related to…
Huge Surge in Attacks Exploiting Check Point VPN Zero-Day Vulnerability
Check Point published an advisory regarding a critical vulnerability, CVE-2024-24919, which has since seen a surge in exploitation attempts. The vulnerability, rated with a CVSS…
Microsoft to Disable NTLM, Transition to Kerberos Authentication
Microsoft has made an announcement regarding the gradual phasing out of all versions of NTLM (NT LAN Manager). This decision is part of Microsoft’s ongoing…