CISA tagged a vulnerability in BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) as actively exploited in attacks, ordering agencies to secure their systems within three weeks. […]
Category: Exploits
Cloud, Exploits, Global Security News, Security
Hackers exploit critical Aviatrix Controller RCE flaw in attacks
Threat actors are exploiting a critical remote command execution vulnerability, tracked as CVE-2024-50603, in Aviatrix Controller instances to install backdoors and crypto miners. […]
Exploits, Global Security News, privacy roundup, Security Bloggers Network
Privacy Roundup: Week 2 of Year 2025
This is a news item roundup of privacy or privacy-related news items for 5 JAN 2025 – 11 JAN 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
Exploits, Global Security News
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners
A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum severity bug that could result in
Artificial Intelligence, Regulation, Security, Exploits, Global Security News
Biden’s final push: Using AI to bolster cybersecurity standards
In a decisive move to strengthen national cybersecurity, President Joe Biden is poised to sign an executive order imposing stringent security standards for federal agencies and contractors. Scheduled for publication in the coming days, the directive will emphasize integrating artificial intelligence (AI) into cyber defense strategies while addressing systemic vulnerabilities in software security, reported Reuters.…
Cybersecurity, Data Privacy, digital footprint, Exploits, Global Security News, Hackers, pii, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Social Engineering, Threats & Breaches
How Your Digital Footprint Fuels Cyberattacks — and What to Do About It
Where you live, where you jog, what your pet’s name is and which email address you use the most is no longer a secret to cybercriminals. Hackers are exploiting the digital breadcrumbs — your personally identifiable information (PII) — that you leave behind daily to launch their cyber attacks. So what can you do to..…
Apple, Exploits, Global Security News, Security
Phishing texts trick Apple iMessage users into disabling protection
Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. […]
Exploits, Global Security News, Security
Fake LDAPNightmware exploit on GitHub spreads infostealer malware
A deceptive proof-of-concept (PoC) exploit for CVE-2024-49113 (aka “LDAPNightmare”) on GitHub infects users with infostealer malware that exfiltrates sensitive data to an external FTP server. […]
Exploits, Global Security News
China’s UNC5337 Exploits a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti’s commitment to secure-by-design principles, Chinese threat actors are exploiting its edge devices for the nth time.
Exploits, Global Security News
Threat Actors Exploit a Critical Ivanti RCE Bug, Again
New year, same story. Despite Ivanti’s commitment to secure-by-design principles, threat actors — possibly the same ones as before — are exploiting its edge devices for the nth time.
critical infrastructure, cyber hygiene, Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), Exploits, Global Security News, vulnerabilities
CISA report touts cyber hygiene enrollment surge for critical infrastructure orgs
The Cybersecurity and Infrastructure Security Agency has seen a surge in its Cyber Hygiene (CyHy) service enrollment from critical infrastructure organizations over a two-year period, with the communications sector representing the biggest jump. In a report released Friday, CISA said an analysis of the 7,791 critical infrastructure organizations enrolled in the agency’s vulnerability scanning service…
Exploits, Global Security News, Security
2025 Cybersecurity and AI Predictions
The cybersecurity and AI landscape continues to evolve at a breathtaking pace, and with it, the associated risks. Snowballing cybercrime costs are compounded by a cybersecurity workforce gap of nearly 4.8 million professionals, as reported by ISC2. Meanwhile, ISACA’s end-2024 State of Cybersecurity Report shows that nearly half of those surveyed claim no involvement in…
attack surface, Commentary, Exploits, Global Security News, security theater
What is ‘security theater’ and how can we move beyond it?
Conventional wisdom assumes that the more vulnerabilities a security tool flags, the easier it will be for a company to secure its infrastructure. In theory, layering more tools into a tech stack should equal more effective attack surface monitoring, right? Well, reality isn’t quite panning out like that. If anything, tool sprawl has created an…
Encryption, Malware, Phishing, Exploits, Global Security News
Malware targets Mac users by using Apple’s security tool
A variant of the Banshee macOS infostealer was seen duping detection systems with new string encryption copied from Apple’s in-house algorithm. A Check Point research, which caught the variant after two months of successful evasion, said threat actors distributed Banshee using phishing websites and fake GitHub repositories, often impersonating popular software like Google Chrome, Telegram,…
Exploits, Global Security News
CrowdStrike Warns of Phishing Scam Targeting Job Seekers with XMRig Cryptominer
Cybersecurity company CrowdStrike is alerting of a phishing campaign that exploits its own branding to distribute a cryptocurrency miner that’s disguised as an employee CRM application as part of a supposed recruitment process. “The attack begins with a phishing email impersonating CrowdStrike recruitment, directing recipients to a malicious website,” the company said. “Victims are prompted…
2024, 2025, Analytics & Intelligence, Cybersecurity, Exploits, Featured, GenAI, Global Security News, Netskope, News, phishing, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threats & Breaches, vulnerabilities
Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025
Organizations are facing escalating threats from phishing attacks, personal app usage and the widespread adoption of generative AI (GenAI) in workplaces. According to a Netskope report, phishing attacks surged in 2024, with enterprise employees clicking on phishing links at a rate nearly three times higher than in 2023. The study found phishing campaigns have evolved..…
Cyberattacks, Malware, Exploits, Global Security News
Legitimate PoC exploited to spread information stealer
A recently copied and abused open source proof of concept (PoC) exploit from a reputable security company, aimed at helping threat researchers, is the latest example of the novel tactics hackers will use to spread malware. PoCs for known vulnerabilities are created to be shared by students, researchers, and IT pros to improve software and…
Exploits, Global Security News, Malware, Vulnerabilities, Zero-day vulnerability
Ivanti zero-day exploited by APT group that previously targeted Connect Secure appliances
Researchers from Google’s Mandiant division believe the critical remote code execution vulnerability patched on Wednesday by software vendor Ivanti has been exploited since mid-December by a Chinese cyberespionage group. This is the same group that has exploited zero-day vulnerabilities in Ivanti Connect Secure appliances back in January 2024 and throughout the year. The latest attacks,…
Chinese cyber espionage, Cloud Security, Cybersecurity, Data Security, Endpoint, Exploits, Global Security News, ivanti, malware, Network Security, News, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threat Intelligence, vulnerabilities
Chinese-linked Hackers May Be Exploiting Latest Ivanti Vulnerability
Software maker Ivanti, which for more than a year has been plagued by security flaws in its appliance, unveiled two new ones this week, with Mandiant researchers saying that one likely is being activity exploited by China-linked threat groups. The post Chinese-linked Hackers May Be Exploiting Latest Ivanti Vulnerability appeared first on Security Boulevard.
Botnets, DDoS, Exploits, Global Security News
New Mirai botnet targets industrial routers
According to security analysis, the Gayfemboy botnet, based on the notorious Mirai malware, is currently spreading around the world. Researchers from Chainxin X Lab found that cybercriminals have been using the botnet since November 2024 to attack previously unknown vulnerabilities. The botnet’s preferred targets include Four-Faith and Neterbit routers or smart home devices. Experts from VulnCheck reported at the end…
Exploits, Global Security News, Network Security, Vulnerabilities
SonicWall firewall hit with critical authentication bypass vulnerability
SonicWall is warning customers of a severe vulnerability in its SonicOS SSLVPN with high exploitability that remote attackers could use to bypass authentication. The bug is an improper authentication vulnerability in the SSL VPN authentication mechanism, according to emails sent to customers and published on SonicWall’s official subreddit. “We have identified a high (severity) firewall…
Exploits, Global Security News
Major Vulnerabilities Patched in SonicWall, Palo Alto Expedition, and Aviatrix Controllers
Palo Alto Networks has released software patches to address several security flaws in its Expedition migration tool, including a high-severity bug that an authenticated attacker could exploit to access sensitive data. “Multiple vulnerabilities in the Palo Alto Networks Expedition migration tool enable an attacker to read Expedition database contents and arbitrary files, as well as…
Cybersecurity, Cybersecurity and Infrastructure Security Agency (CISA), exploit, Exploits, Global Security News, ivanti, malware, Mandiant, SPAWN, UNC5221, UNC5337, vulnerabilities, zero days
New zero-day exploit targets Ivanti VPN product
A year after a series of vulnerabilities impacting a pair of Ivanti VPN products prompted an emergency directive from the Cybersecurity and Infrastructure Security Agency to federal agencies, the Utah-based software firm is again experiencing issues with one of its signature systems. The company on Wednesday disclosed two vulnerabilities — CVE-2025-0282 and CVE-2025-0283 — that…
Exploits, Global Security News, Security
Google: Chinese hackers likely behind Ivanti VPN zero-day attacks
Hackers exploiting the critical Ivanti Connect Secure zero-day vulnerability disclosed yesterday installed on compromised VPN appliances new malware called ‘Dryhook’ and ‘Phasejam’ that is not currently associated with any threat group. […]
Cybersecurity, Exploits, Global Security News, hack, ivanti, Security, VPN, vulnerability
Hackers are exploiting a new Ivanti VPN security bug to hack into company networks
Mandiant says a Chinese cyberespionage group has been exploiting the critical-rated vulnerability since at least mid-December. © 2024 TechCrunch. All rights reserved. For personal use only.
Cyberattacks, Security, Vulnerabilities, Exploits, Global Security News
China-linked hackers target Japan’s national security and high-tech industries
Japan’s National Police Agency (NPA) and the National Center of Incident Readiness and Strategy for Cybersecurity (NISC) have exposed a long-running cyber espionage campaign, “MirrorFace” (also known as Earth Kasha), allegedly linked to China. The campaign, operational since 2019, has targeted Japanese organizations, businesses, and individuals, primarily to exfiltrate sensitive data related to national security…
Artificial Intelligence, Exploits, Global Security News
Neues Mirai-Botnet zielt auf Industrierouter
Das Botnet Gayfemboy basiert auf der Malware Mirai und zielt auf Industrierouter auf der ganzen Welt. Jaiz Anuar – Shutterstock.com Security-Analysen zufolge verbreitet sich das auf der berüchtigten Mirai-Malware basierende Botnet Gayfemboy derzeit auf der ganzen Welt. Forscher von Chainxin X Lab stellten fest, dass Cyberkriminelle das Botnet seit November 2024 nutzen, um bislang unbekannte…
Exploits, Global Security News
Critical Ivanti Zero-Day Exploited in the Wild
Ivanti customers are urged to patch two new bugs in the security vendor’s products, one of which is being actively exploited
Exploits, Global Security News
Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection
Threat actors are attempting to take advantage of a recently disclosed security flaw impacting GFI KerioControl firewalls that, if successfully exploited, could allow malicious actors to achieve remote code execution (RCE). The vulnerability in question, CVE-2024-52875, refers to a carriage return line feed (CRLF) injection attack, paving the way for HTTP response splitting, which could…
Exploits, Global Security News
Ivanti Flaw CVE-2025-0282 Actively Exploited, Impacts Connect Secure and Policy Secure
Ivanti is warning that a critical security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA Gateways has come under active exploitation in the wild beginning mid-December 2024. The security vulnerability in question is CVE-2025-0282 (CVSS score: 9.0), a stack-based buffer overflow that affects Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version…
Exploits, Global Security News, Network Security, Threat and Vulnerability Management, Zero-day vulnerability
Ivanti warns critical RCE flaw in Connect Secure exploited as zero-day
IT software provider Ivanti released patches Wednesday for its Connect Secure SSL VPN appliances to address two memory corruption vulnerabilities, one of which has already been exploited in the wild as a zero-day to compromise devices. The exploited vulnerability, tracked as CVE-2025-0282, is a stack-based buffer overflow rated as critical with a CVSS score of…
Exploits, Global Security News, Medical Devices, Supply Chain, Vulnerabilities
DNA sequencer vulnerabilities signal firmware issues across medical device industry
In highlighting vulnerabilities in a widely used DNA gene sequencing device, security researchers have brought further attention to the likely poor state of security in the medical device industry, where hardware and firmware development is often outsourced to external equipment manufacturers under questionable support contracts. The device, Illumina’s iSeq 100 compact DNA sequencer, is used…
Exploits, Global Security News, Security
Ivanti warns of new Connect Secure flaw used in zero-day attacks
Ivanti is warning that a new Connect Secure remote code execution vulnerability tracked as CVE-2025-0282 was exploited in zero-day attacks to install malware on appliances. […]
Exploits, Global Security News, Security
SonicWall urges admins to patch exploitable SSLVPN bug immediately
SonicWall is emailing customers urging them to upgrade their firewall’s SonicOS firmware to patch an authentication bypass vulnerability in SSL VPN and SSH management that is “susceptible to actual exploitation.” […]
Exploits, Global Security News, Security
Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens
Hackers are trying to exploit CVE-2024-52875, a critical CRLF injection vulnerability that leads to 1-click remote code execution (RCE) attacks in GFI KerioControl firewall product. […]
Communications Security, Vulnerabilities, Exploits, Global Security News
Critical Mitel, Oracle flaws find active exploitation, CISA urges patching
Attackers are actively expoiting flaws in Mitel MiCollab flaws to gain unauthorized access to sensitive system files, the US Cybersecurity and Infrastructure Security Agency (CISA) has warned. On Tuesday the agency added two path traversal vulnerabilities in the widely used communication platform to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of exploitation. “These type…
Exploits, Global Security News
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild
On Wednesday, January 8, 2025, Ivanti disclosed two CVEs affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. CVE-2025-0282 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the target device. CVE-2025-0283 is a stack-based buffer overflow that allows local authenticated attackers to escalate privileges on the device.
Exploits, Global Security News
New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices
A newly identified Mirai botnet exploits over 20 vulnerabilities, including zero-days, in industrial routers and smart home devices
Exploits, Global Security News
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows – CVE-2024-41713 (CVSS score: 9.1) – A path traversal vulnerability in Mitel MiCollab that could allow…
Exploits, Global Security News, Security
New Mirai botnet targets industrial routers with zero-day exploits
A relatively new Mirai-based botnet has been growing in sophistication and is now leveraging zero-day exploits for security flaws in industrial routers and smart home devices. […]
Exploits, Global Security News, Security
CISA warns of critical Oracle, Mitel flaws exploited in attacks
CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. […]
Exploits, Global Security News
CISA: Third-Party Data Breach Limited to Treasury Dept.
The breach was carried out by exploiting CVE-2024-12356 in BeyondTrust cybersecurity company, just last week.
Exploits, Global Security News
Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices. “The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standard
Exploits, Generative AI, Penetration Testing, Security, Threat and Vulnerability Management, Vulnerabilities, Global Security News
Gen AI is transforming the cyber threat landscape by democratizing vulnerability hunting
Generative AI has had a significant impact on a wide variety of business processes, optimizing and accelerating workflows and in some cases reducing baselines for expertise. Add vulnerability hunting to that list, as large language models (LLMs) are proving to be valuable tools in assisting hackers, both good and bad, in discovering software vulnerabilities and…
Browsers, clickjacking, Cybersecurity, Exploits, Global Security News, phishing, Security Bloggers Network
Two Clicks to Chaos: How Double-clickjacking Hands Over Control of Apps without Users Knowing
In our last blog, we discussed how OAuth-based consent phishing attacks have been used to trick users into giving malicious apps the permission to conduct malicious activities via an employee’s account. This attack has been extremely effective due to the lack of awareness of how attackers can misuse OAuth permissions. Now, let’s say we are…
CVE, Cybersecurity, Exploits, Global Security News, industrial control systems (ICS), industrial IoT (IIoT), Moxa, Threats, vulnerabilities
Industrial networking manufacturer Moxa reports ‘critical’ router bugs
Firmware in cellular routers, secure routers and network security appliances made by Moxa are vulnerable to a pair of high severity bugs that can escalate privileges for an attacker, give root-level access or allow for unauthorized execution of commands. In a pair of CVEs published Jan. 3, Moxa called the flaws “critical” and warned they…
Exploits, Global Security News
Supply Chain Attack Targets Key Ethereum Development Tools
A new supply chain attack targets Ethereum tools, exploiting npm packages to steal sensitive data
Cybersecurity, Exploits, Featured, Global Security News, News, phishing, plugin, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, Threats & Breaches, wordpress
WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps
A WordPress plugin known as PhishWP, has been discovered on Russian cybercrime forums and is being exploited by cybercriminals to steal sensitive data from unsuspecting users. The post WordPress Plugin Exploited to Turn Legitimate Sites Into Phishing Traps appeared first on Security Boulevard.
Exploits, Global Security News
Russian-Speaking Attackers Target Ethereum Devs with Fake Hardhat npm Packages
Cybersecurity researchers have revealed several malicious packages on the npm registry that have been found impersonating the Nomic Foundation’s Hardhat tool in order to steal sensitive data from developer systems. “By exploiting trust in open source plugins, attackers have infiltrated these platforms through malicious npm packages, exfiltrating critical data such as private keys, mnemonics,
Exploits, Global Security News, privacy roundup, Security Bloggers Network
Privacy Roundup: Week 1 of Year 2025
This is a news item roundup of privacy or privacy-related news items for 29 DEC 2024 – 4 JAN 2024. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things overlap; for…
Exploits, Global Security News
Researchers Uncover Nuclei Vulnerability Enabling Signature Bypass and Code Execution
A high-severity security flaw has been disclosed in ProjectDiscovery’s Nuclei, a widely-used open-source vulnerability scanner that, if successfully exploited, could allow attackers to bypass signature checks and potentially execute malicious code. Tracked as CVE-2024-43405, it carries a CVSS score of 7.4 out of a maximum of 10.0. It impacts all versions of Nuclei later than…
Active Directory, Vulnerabilities, Windows Security, Exploits, Global Security News
Critical Windows LDAP flaw could lead to crashed servers, RCE attacks
Researchers have published a proof-of-concept exploit for a pair of Windows Lightweight Directory Access Protocol (LDAP) flaws that could lead to server crashes or remote code execution (RCE) on Windows servers. “Active Directory Domain Controllers (DCs) are considered to be one of the crown jewels in organizational computer networks,” noted researchers at security firm SafeBreach,…
Exploits, Global Security News
LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers
A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition. The out-of-bounds reads vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5). It was addressed by Microsoft as part of Patch Tuesday updates for December 2024, alongside CVE-2024-49112 (
Development Approaches, DevSecOps, Security Practices, Security Software, Software Development, Exploits, Global Security News
Secure by design vs by default – which software development concept is better?
As cybersecurity professionals, we need to know that the software products we acquire are safe and able to support or accommodate the procedures and tools we use to keep attackers at bay while performing their given functions. With attacks perennially on the rise and the software supply chain remaining as vulnerable as ever, there is…
Best of 2024, CISA cybersecurity advisory, Cisco network device security, critical Cisco vulnerabilities 2024, Cybersecurity News, Exploits, Global Security News, password-cracking attacks, Smart Software Manager On-Prem flaw
Best of 2024: Cisco Vulnerability: CISA Alerts Of Smart Install Exploits
In light of recent cybercrime incidents, the United States (US) Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert pertaining to a Cisco vulnerability. As per recent reports, the Cisco vulnerability prevails within the Smart Install (SMI) feature and can be exploited for access to sensitive data. In this article, we’ll explore the vulnerability…
Careers, Certifications, IT Skills, Security, Exploits, Global Security News
12 best entry-level cybersecurity certifications
A UC Berkeley professor recently made headlines when he stated that even his computer science graduates with a perfect 4.0 grade point average were failing to land jobs. Such is the labor market in the AI era. With AI coding assistants in wide use, junior developer roles are in jeopardy. The same may soon be…
CSO and CISO, Exploits, Global Security News
CISO – Traumjob oder eher Albtraum
loading=”lazy” width=”400px”>Der CISO-Job kann auch zu einem Albtraum werden – gerade wenn die Unterstützung und das Budget fehlt. Toma Stepunina – shutterstock.com „Die Rolle des CISO (Chief Information Security Office) ist nicht erstrebenswert“ – so lautet eine der zentralen Thesen der IT-Security-Spezialisten von WatchGuard Technologies für das Jahr 2025. Dabei seien die typische Probleme, die…
Exploits, Global Security News, Security Bloggers Network
LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112
SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows Lightweight Directory Access Protocol (LDAP) remote code execution vulnerability (CVE-2024-49112). The post LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112 appeared first on SafeBreach. The post LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112 appeared first on Security…
Apps, Creators, Exploits, Global Security News, influencers, Instagram, Telegram
Investigation exposes pedophilia in the child-influencer industry
A New York Times investigation found that dozens of potential pedophiles have prolifically exploited the child influencer industry. © 2024 TechCrunch. All rights reserved. For personal use only.
Blog, Data Security, data theft, digital supply chain, Exploits, Global Security News, Resources, Security Bloggers Network
CRITICAL ALERT: Sophisticated Google Domain Exploitation Chain Unleashed
by Source Defense A sophisticated attack chain targeting e-commerce payment flows has been prematurely exposed in a concerning development, highlighting the delicate balance between responsible disclosure and public safety. Discovered initially by Source Defense’s research team and responsibly disclosed to Google on November 19, 2024 (Issue ID: 379818473), this critical vulnerability has now been publicly…
Cyberattacks, Hacking, Security, Exploits, Global Security News
Top 12 ways hackers broke into your systems in 2024
In 2024, hackers had a field day finding sneaky ways into systems — from convincing phishing scams that played on human curiosity to brutal software flaws that exposed gaps in tech upkeep. It was a year of clever breaches, showing just how wide the gap is between user habits and security practices. “While every year…
Exploits, Global Security News
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster to Exploitation
Cybersecurity researchers have uncovered three security weaknesses in Microsoft’s Azure Data Factory Apache Airflow integration that, if successfully exploited, could have allowed an attacker to gain the ability to conduct various covert actions, including data exfiltration and malware deployment. “Exploiting these flaws could allow attackers to gain persistent access as shadow administrators
Exploits, Global Security News, Internet of Things (IoT), routers, threat detection, Uncategorized, vulnerabilities
Thousands of industrial routers vulnerable to command injection flaw
Thousands of industrial routers from a Chinese telecommunications equipment manufacturer are vulnerable to a post-authentication vulnerability, with indications it is already being exploited in the wild to infect devices with Mirai malware. On Dec. 27, VulnCheck detailed the vulnerability, tracked as CVE-2024-12856, wherein an attacker can leverage default credentials in Four-Faith F3x24 and F3x36 routers…
Exploits, Global Security News, Hardware, Security
Hackers exploit Four-Faith router flaw to open reverse shells
Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open reverse shells back to the attackers. […]
Exploits, Global Security News
15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials
A high-severity flaw impacting select Four-Faith routers has come under active exploitation in the wild, according to new findings from VulnCheck. The vulnerability, tracked as CVE-2024-12856 (CVSS score: 7.2), has been described as an operating system (OS) command injection bug affecting router models F3x24 and F3x36. The severity of the shortcoming is lower due to…
Exploits, Global Security News, Security
Hackers exploit DoS flaw to disable Palo Alto Networks firewalls
Palo Alto Networks is warning that hackers are exploiting the CVE-2024-3393 denial of service vulnerability to disable firewall protections by forcing it to reboot. […]
Exploits, Global Security News
Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia
The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting “several dozen users” in 2024. “Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code,”…
Exploits, Global Security News
Emerging Threats & Vulnerabilities to Prepare for in 2025
From zero-day exploits to 5G network vulnerabilities, these are the threats that are expected to persist over the next 12 months.
Exploits, Global Security News
Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
The Apache Software Foundation (ASF) has shipped security updates to address a critical security flaw in Traffic Control that, if successfully exploited, could allow an attacker to execute arbitrary Structured Query Language (SQL) commands in the database. The SQL injection vulnerability, tracked as CVE-2024-45387, is rated 9.9 out of 10.0 on the CVSS scoring system.…
Cyberattacks, Hacker Groups, Security, Exploits, Global Security News
The 2024 cyberwar playbook: Tricks used by nation-state actors
In 2024, nation-state cyber activity was off the charts, with Chinese, Russian, and Iranian actors leading the charge. Their campaigns weren’t just relentless — they were innovative, using a crafty mix of Tactics, Techniques, and Procedures (TTPs) to gain footholds, stay hidden, and spy-like pros. “There was definitely a continued and noted uptick in nation-state…
Exploits, Global Security News, Security
New botnet exploits vulnerabilities in NVRs, TP-Link routers
A new Mirai-based malware campaign is actively exploiting unpatched vulnerabilities in Internet of Things (IoT) devices, including DigiEver DS-2105 Pro DVRs. […]
cyberattack, Exploits, Global Security News, Ransomware, Security
Clop ransomware gang takes credit for latest mass hack that breached dozens of companies
The prolific ransomware gang says it hacked at least 66 companies by exploiting a bug in tools made by Cleo Software. © 2024 TechCrunch. All rights reserved. For personal use only.
Exploits, Global Security News
CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched high-severity security flaw impacting Acclaim Systems USAHERDS to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild. The vulnerability in question is CVE-2021-44207 (CVSS score: 8.1), a case of hard-coded, static credentials in Acclaim USAHERDS that
Exploits, Global Security News, Security
Adobe warns of critical ColdFusion bug with PoC exploit code
Adobe has released out-of-band security updates to address a critical ColdFusion vulnerability with proof-of-concept exploit code. […]
Exploits, Global Security News
U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case
Meta Platforms-owned WhatsApp scored a major legal victory in its fight against Israeli commercial spyware vendor NSO Group after a federal judge in the U.S. state of California ruled in favor of the messaging giant for exploiting a security vulnerability to deliver Pegasus. “The limited evidentiary record before the court does show that defendants’ Pegasus…
Exploits, Global Security News, Security, Threat and Vulnerability Management, Vulnerabilities
Top 7 zero-day exploitation trends of 2024
Zero-day vulnerabilities saw big growth once again in 2024. With no patch available, zero-day flaws give attackers a significant jump on cybersecurity defense teams, making them a critical weapon for attacking enterprise systems. But while all zero-days are essential for CISOs and their team to be aware of, and for vendors to remedy in a…
Blog, Exploits, Global Security News, Security Bloggers Network
Understanding Cyber Threats During the Holiday Season
Understanding Cyber Threats During the Holiday Season Understanding Cyber Threats During the Holiday Season The holiday season, while festive, presents heightened cybersecurity risks for businesses. Cybercriminals exploit increased online activity and reduced vigilance during this period. Understanding these threats is crucial for effective defense. The holiday season, while festive, presents heightened cybersecurity risks for businesses.…
Exploits, Global Security News
Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation
Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no evidence that the shortcomings have been exploited in the wild. The list…
Exploits, Global Security News
Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: 9.3), an SQL injection bug that allows attackers to execute unauthorized code or commands by sending…
Exploits, Global Security News
CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2024-12356 (CVSS score: 9.8), is a command injection flaw that
cybersecurity education, DEF CON 32, DEFCONConference, Exploits, Global Security News, Infosecurity Education, Security Bloggers Network
DEF CON 32 – Exploiting Cloud Provider Vulnerabilities for Initial Access
Author/Presenter: Nick Frichette Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The post DEF CON 32 – Exploiting Cloud Provider Vulnerabilities for Initial Access appeared first on…
Exploits, Global Security News, Security, Security Operations Center
From reactive to proactive: Redefining incident response with unified, cloud-native XDR
In today’s rapidly evolving threat landscape, cybersecurity is a constant game of cat and mouse. The average security operations center (SOC) team receives 4,484 alerts every day and can spend up to 3 hours manually triaging to understand which signals represent a genuine threat and which are just noise. However, this model traps SOCs in…
Exploits, Global Security News
Vulnerability Exploit Assessment Tool EPSS Exposed to Adversarial Attack
A Morphisec researcher showed how an attacker could manipulate FIRST’s Exploit Prediction Scoring System (EPSS) using AI
Compliance, Cybersecurity, Data Security, ecommerce, Enterprise, Exploits, Global Security News, Security, Security Awareness, Security Boulevard (Original), Skimming, Social - Facebook, Social - LinkedIn, Social - X
Understanding Virtual Skimmers: A Threat to E-Commerce Security
Virtual skimmers exploit vulnerabilities in websites that process payments online, often without leaving a trace until it’s too late. The post Understanding Virtual Skimmers: A Threat to E-Commerce Security appeared first on Security Boulevard.
Exploits, Global Security News, Ransomware, Security
A new ransomware regime is now targeting critical systems with weaker networks
The year 2024’s ransomware shake-up, fueled by law enforcement crackdowns on giants like LockBit, has shifted focus to critical operations, with major attacks this year hitting targets like Halliburton, TfL, and Arkansas water plant. A Dragos study for the third quarter of 2024 highlighted a surge in activity from new groups like RansomHub, Play, and…
Data Breach, GDPR, Security, Exploits, Global Security News
Meta hit with $263 million fine in Europe over 2018 data breach
Meta has been fined $263.5 million (€251 million) by Ireland’s Data Protection Commission (DPC) for a 2018 Facebook security breach that exposed the sensitive data of 29 million users globally. The breach exploited a vulnerability in Facebook’s “view as” feature, which allows users to view their profiles as others would see them. The exploit enabled…
CSO and CISO, Hacker Groups, Hacking, IT Leadership, Security Practices, Exploits, Global Security News
CISOs should stop freaking out about attackers getting a boost from LLMs
A common refrain from cybersecurity professionals in recent years has been the need for a diversification of the CISO role to meet the demands of increased responsibility across numerous categories. In the past year, this refrain has grown louder, specifically around the topic of generative AI. Large language models (LLMs) have added a new dimension…
Exploits, Global Security News
Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected
Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. The issue, tracked as CVE-2024-53677, carries a CVSS score of 9.5 out of 10.0, indicating critical severity. The vulnerability shares similarities with another critical bug the project maintainers addressed in December 2023…
Exploits, Global Security News, Uncategorized
Clop is back to wreak havoc via vulnerable file-transfer software
In what we can assure you is a new cybersecurity incident despite sounding incredibly similar to incidents of past notoriety: threat actors tied to a notorious ransomware and extortion group have exploited file-transfer software to carry out attacks. Clop has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT…
Exploits, Global Security News, Security
New critical Apache Struts flaw exploited to find vulnerable servers
A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. […]
Exploits, Global Security News
2024 Threat Landscape: Ransomware Activity, Vulnerability Exploits, and Attack Trends
GUEST OPINION: Now we’ve reached the end of another year, you may be looking around the cybersecurity infosphere and seeing a glut of posts offering “hot takes” on the 2024 threat landscape and predictions about what’s coming next. At Rapid7, we don’t truck in hot takes, but rather, cold hard facts. Staying ahead of adversaries…
Configuration Management, Security Practices, Security Software, Threat and Vulnerability Management, Exploits, Global Security News
Top 10 cybersecurity misconfigurations: Nail the setup to avoid attacks
While cybersecurity headlines are often dominated by the latest zero-day or notable vulnerability in a vendor’s software/product or open-source software library, the reality is that many significant data breaches have been and will continue to be due to misconfigurations. To underscore the serious of this issue, the US National Security Agency (NSA) and the Cybersecurity…
Exploits, Global Security News
CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is below – CVE-2024-20767 (CVSS score: 7.4) – Adobe ColdFusion contains an improper access control vulnerability that could allow an attacker to…
APAC, Artificial Intelligence, Australia, Cybersecurity apac, cybersecurity threats apac 2025, cybersecurity vulnerabilities apac 2025, Exploits, Global Security News, Rapid7, Security
APAC: Ransomware to Cause ‘Bumpy’ Security Ride in 2025
Cashed-up ransomware criminals may exploit more zero days while potential blanket ransomware payment bans hang over defenders like a shadow.
cybersecurity education, DEF CON 32, DEFCONConference, Exploits, Global Security News, Infosecurity Education, Security Bloggers Network
DEF CON 32 – Iconv, Set The Charset To RCE Exploiting glibc To Hack The PHP Engine
Author/Presenter: Charles Fox Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel. Permalink The post DEF CON 32 – Iconv, Set The Charset To RCE Exploiting glibc To Hack…
Exploits, Global Security News, Mobile, Security
New Android NoviSpy spyware linked to Qualcomm zero-day bugs
The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named ‘NoviSpy,’ used to spy on activists, journalists, and protestors. […]
Cloud Security, Exploits, Global Security News
Catching the ghost in the machine: Adapting threat detection to cloud speed
The rapid adoption of cloud technology has transformed how businesses operate, offering scalability, agility, and opportunities for innovation. However, this transformation has also introduced a profound challenge: the “ghost in the machine”—elusive and dynamic threats that exploit the complexity and scale of cloud environments to remain hidden, evading traditional detection methods and posing significant risks…
Exploits, Global Security News
Fake Captcha Campaign Highlights Risks of Malvertising Networks
Large-scale campaign identified by Guardio Lans and Infoblox, exploiting malvertising and fake captchas to distribute Lumma infostealer for massive theft
Application Security, Enterprise, Hacker Groups, Ransomware, Exploits, Global Security News
SAP-Systeme geraten zunehmend ins Visier von Cyber-Angreifern
width=”5000″ height=”2813″ sizes=”(max-width: 5000px) 100vw, 5000px”>Angriffe auf SAP-Systeme versprechen Hackern fette Beute. Shutterstock Ein Rückblick auf Bedrohungsdaten aus den zurückliegenden vier Jahren macht deutlich, dass immer mehr Cyberkriminelle SAP-Systeme ins Visier nehmen. Das berichtete Yvan Genuer, leitender Sicherheitsforscher bei Onapsis auf der Black Hat Europe, die vom 9. bis 12. Dezember 2024 in London stattfand.…
Cloud Security, Enterprise Buyer’s Guides, Exploits, Global Security News
Cloud Access Security Broker – ein Kaufratgeber
Lesen Sie, worauf es bei der Wahl eines Cloud Access Security Broker ankommt – und welche Anbieter was genau zu bieten haben. Jack the sparow | shutterstock.com Ein Cloud Access Security Broker (CASB) sitzt zwischen Enterprise-Endpunkten und Cloud-Ressourcen und fungiert dabei als eine Art Monitoring-Gateway. Eine CASB-Lösung: gewährt Einblicke in Benutzeraktivitäten in der Cloud, setzt…