Malware Families Adapting To COM Hijacking Technique For Persistence
COM (Component Object Model) hijacking is a technique in which threat actors exploit the core architecture of Windows by adding a new value on a…
Category: CyberSecurityNews
150K+ Fortinet Devices Vulnerable to Critical Code Execution Flaw
A critical security flaw identified as CVE-2024-21762 has been discovered in Fortinet’s FortiOS and FortiProxy secure web gateway systems, potentially impacting around 150,000 devices worldwide.…
Russian Spies Hacked Microsoft Email Systems & Accessed Code
Microsoft has disclosed that Russian government hackers, identified as the group Midnight Blizzard, have successfully infiltrated its corporate email systems and stolen source codes. The…
Gitlab Authorization Vulnerability Let Attackers Steal Variables
GitLab has announced the release of updated versions for its Community Edition (CE) and Enterprise Edition (EE) platforms. These updates address critical vulnerabilities that could…
Android Malware-as-Service “Coper” Offering Features to Hackers
The Coper malware, a descendant of the Exobot malware family, was first distributed as a fake version of Bancolombia’s ‘Personas’ application. Fast forwarding to 2022,…
CrowdStrike to Acquire Flow Security For Cloud Leadership
CrowdStrike announced its acquisition of Flow Security, the industry’s first cloud-native data runtime security solution. This move positions CrowdStrike as a leader in modern cloud…
Snort 2.9.8.3 and Snort 2.9.13.0 End of Life for Talos Rules
The end-of-life for Talos rules support for two versions of the widespread intrusion detection and prevention system Snort has been declared. Effective immediately, the rule…
FBI Releases Internet Crime Report for 2023 : 22% Surge
Federal Bureau of Investigation (FBI) has published its annual Internet Crime Report for 2023, highlighting a significant 22% increase in losses due to cybercrime, amounting…
Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption
Company Open Sources FHE Libraries to Build Privacy-Preserving Blockchain and AI Applications for the First Time. An investment has been secured to bring Fully Homomorphic…
Hackers Spoofing U.S. Government Entities To Steal Corporate Data
TA4903 is a financially motivated cybercriminal threat actor who impersonates both US government institutions and private businesses across a wide range of industries. The actor…
ArubaOS Security Flaw Let Attackers Execute Remote Code
ArubaOS-Switch belongs to Aruba Networks and it’s a subsidiary of HPE (Hewlett Packard Enterprise). It helps centralize network management, and besides this, it also develops…
Cisco Secure Client Flaw let Attackers Trigger CRLF Attack
Cisco has disclosed a critical vulnerability in the SAML authentication process of its Cisco Secure Client software. This vulnerability could potentially allow unauthenticated, remote attackers…