New tool FraudGPT allows scamming and easy hacking of victims using AI
Cybercriminals have just released a new tool known as FraudGPT, which represents a significant risk to both private persons and commercial enterprises. As a result…
Category: ExploitOne
In 2023, the worldwide average cost of a data breach rose 15% to $4.45 million USD
According to the latest Cost of a Data Breach study from IBM, the worldwide average cost of a data breach reached $4.45 million in 2023.…
Zero day flaw ‘Zenbleed’ in AMD Zen 2 Ryzen 3000, EPYC CPUs can leak your enterprise data
The dangers posed by cybersecurity continue to advance, and processors are not exempt from this trend. CVE-2023-20593 is a severe security issue that affects AMD’s…
Citrix/NetScaler vulnerability CVE-2023-3519 can cause more damage than one can imagine
The Cybersecurity and Infrastructure Security Agency (CISA) of the United States has issued a warning that threat actors attempted to target critical infrastructure using a…
Two AMI BMC vulnerabilities allow destroying data centers around the world remotely
Researchers from the security company Eclypsium investigated the AMI firmware that was stolen in the 2021 ransomware attack. They discovered vulnerabilities that had been dormant…
Since Microsoft can’t figure out how it got hacked, it lets customers see M365 logs for free
Microsoft said on Wednesday that it will broaden logging settings for lower-tier M365 customers and prolong the time of retention for threat-hunting data in response…
Millions of WordPress ecommerce websites affected by these two vulnerabilities
Over one million different attempts have been made to get into a popular WordPress plugin over the last several days, according to experts that study…
How new CVSS 4.0 framework is a game changer for cyber security industry
The Common Vulnerability Scoring System (CVSS) framework, which is used by cybersecurity experts and manufacturers to convey data about software vulnerabilities, is undergoing significant revisions.…
Taking control of network by hacking Citrix Secure Access Client vulnerabilities
Citrix is a cloud computing firm with its headquarters in Florida. Citrix focuses in the areas of computer software, virtualization, and cloud computing. As of…
How cybercriminals forge digital signatures on kernel-mode malicious drivers to bypass EDR
Chinese-speaking threat actors have been shown to be using a Microsoft Windows policy vulnerability to spoof signatures on kernel-mode drivers. The Windows operating system (OS)…
Biggest law firm hacked by MOVEit flaw, 16 millions victim’s data leaked
According to Nypost, the personal information of millionsof customers of three of the largest legal firms in the nation may have been exposed as a…
This exploit code allows hacking into Barracuda Email Security Gateway (ESG) appliance
Rapid7 published detailed anaysis and exploit of flaw in Barracuda Email Security Gateway (ESG) appliance. It has been discovered that versions 5.1.3.001–9.2.0.006 of the Barracuda…