OAuth and PostMessage
TL;DR: An OAuth misconfiguration was discovered in the redirect_uri parameter at the target’s OAuth IDP at https://app.target.com/oauth/authorize, which allowed attackers to control the path of…
Google on Tuesday announced the release of Chrome 116 to the stable channel with patches for 26 vulnerabilities, including 21 reported by external researchers. Of…
It has been discovered that an attacker installed web shells on susceptible Citrix NetScalers, exploiting the CVE-2023-3519 flaw to acquire persistent access. This critical zero-day…
Kuala Lumpur, 16 August 2023 — The highly anticipated inaugural Cyber Digital Services Defence & Security Asia (CyberDSA) 2023 has officially commenced at the Kuala…
Two stack-based buffer overflow bugs (collectively designated as CVE-2023-32560) have been discovered in Ivanti Avalanche, an enterprise mobility management solution. A buffer overflow arises when…
The Ivanti Avalanche EMM product is impacted by two buffer overflows collectively tracked as CVE-2023-32560. Tenable researchers discovered two stack-based buffer overflows, collectively tracked as CVE-2023-32560 (CVSS…
Recent reports indicate that GigaBud malware has been targeting more than 99 financial institutions in Thailand, Indonesia, Vietnam, the Philippines, and Peru. GigaBud is an…
The Cl0p ransomware group has begun the publication of pilfered information from targeted organizations on its leak portal, following an earlier warning directed towards victims…
In what is being called one of the biggest data leaks, hackers have been able to exploit the data of over 10 million individuals by targeting…
A threat actor has compromised roughly 2,000 Citrix NetScaler servers by exploiting a remote code execution vulnerability tracked as CVE-2023-3519. In July Citrix warned customers of a…
From time to time, we encounter social media posts that tempt us to click on a link promising heavily discounted goods or a chance to…
Besides Windows OS, now threat actors are also actively targeting Mac systems to accomplish their illicit goals. Cybersecurity analysts at AT&T Alien Labs recently observed…