Exim SMTP Zero-day Flaw Let Attackers Execute Remote Code
Six new zero-day vulnerabilities in Exim Message Transfer Agent have been reported as part of the Zero-Day initiative. These vulnerabilities were discovered in June 2022…
Category: CyberSecurityNews
French Cybercriminal Pleads Guilty for Hacking Corporate Data
In a significant development in the realm of cybercrime, a 22-year-old French citizen, Sebastien Raoult, also known as Sezyo Kaizen, has pleaded guilty to conspiracy…
Apache NiFi RCE Vulnerability – Attackers Exfiltrate Sensitive Data
The widely used data integration tool Apache NiFi has been discovered to be susceptible to a critical security flaw tracked as CVE-2023-34468 that might allow remote code execution.…
New Android Banking Malware Pose as Government App
Cybercriminals continue making malware for profit, with a recent report uncovering ASMCrypt in underground forums related to the DoubleFinger loader. In the cybercrime landscape, researchers…
HuntGPT: AI-Based Intrusion Detection Tool
Critical infrastructure has become increasingly the target of cyberattacks, with anticipated yearly damages of $10.5 trillion USD by 2025, up from only $3 trillion USD…
New Malware-as-a-Service (MaaS) Under Rapid Development
A new malware-as-a-service (MaaS) loader under the name “BunnyLoader” has been discovered to be sold in multiple hacking forums. This malware has multiple functionalities which…
IoT Device Definition Types And The Four Most Popular In 2023
IoT – the global phenomenon which has taken the world by storm in 2023 was first coined in 1999 by Kevin Ashton. But since management…
Windows Server Running SMB over QUIC Leads to DoS Attack
QUIC, created by Google, is a modern transport layer protocol aimed at enhancing connection reliability and security while addressing latency and packet loss issues utilizing…
25 Year Old RSA Decryption Vulnerability Disclosed
A new type of vulnerability in the software implementation of PKCS#1 v1.5 padding scheme for RSA key exchange, which was previously confirmed to be susceptible,…
Malicious npm & PyPi Packages Exfiltrate SSH Keys From Server
JavaScript and Python both have their own package repositories called npm (Node Package Manager) and PyPi (Python Package Index), respectively. They act as key centers…
$20M Offered By Russian Zero-Day Seller Hack Android & iPhones
The Russian company Operation Zero is currently offering researchers $20 million in exchange for hacking tools that would enable its customers to take control of…
New Ransomware Trend – Threat Actors Plant Two Ransomware
The FBI alerts on rising ransomware trends and urges organizations to follow mitigation recommendations for minimizing ransomware risks and consequences. In July 2023, the FBI…