Pixiefail Flaws Impact Pxe Network Boot In Enterprise Systems
A set of nine vulnerabilities, collectively called 'PixieFail,' impact the IPv6 network protocol stack of Tianocore's EDK II, the open-source...
News
Macos Info Stealers Quickly Evolve To Evade Xprotect Detection
Multiple information stealers for the macOS platform have demonstrated the capability to evade detection even when security companies follow and...
Google Fixes First Actively Exploited Chrome Zero Day Of 2024
Google has released security updates to fix the first Chrome zero-day vulnerability exploited in the wild since the start of...
Github Rotates Keys To Mitigate Impact Of Credential Exposing Flaw
GitHub rotated keys potentially exposed by a vulnerability patched in December that could let attackers access credentials within production containers via environment...
Citrix Warns Of New Netscaler Zero Days Exploited In Attacks
Citrix urged customers on Tuesday to immediately patch Netscaler ADC and Gateway appliances exposed online against two actively exploited zero-day...
Fbi Androxgh0st Malware Botnet Steals Aws Microsoft Credentials
CISA and the FBI warned today that threat actors using Androxgh0st malware are building a botnet focused on cloud credential...
Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!
Citrix is warning of two zero-day security vulnerabilities in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway)...
Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability
Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw....
Inferno Drainer Spoofs Over 100 Crypto Brands to Steal $80m+
The most prolific known crypto drainer of 2023 impersonated over 100 cryptocurrency brands across 16,000 phishing domains to trick victims...
Ivanti Zero-Days Exploited By Multiple Actors Globally
Two zero-day vulnerabilities in Ivanti products revealed last week are being exploited en masse worldwide, with over 1700 devices already...
New Tool Identifies Pegasus and Other iOS Spyware
Kaspersky’s Global Research and Analysis Team (GReAT) has unveiled a new, lightweight method to detect sophisticated iOS spyware, including notorious...
Crypto Heists Surge in 2023, $16.93m Already Stolen in 2024
Crypto heists increased in volume by 42% in 2023, with 283 incidents, according to an analysis by consumer awareness firm...
Phemedrone Stealer Targets Windows Defender Flaw Despite Patch
Cybersecurity experts have uncovered the active exploitation of CVE-2023-36025, which also led to the dissemination of a new strain of...
Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023
Email security remained top of mind for cybersecurity professionals in 2023 as over nine in ten (94%) cyber decision-makers had...
Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits – Act Now
Over 178,000 SonicWall firewalls exposed over the internet are exploitable to at least one of the two security flaws that...
Remcos RAT Spreading Through Adult Games in New Attack Wave
The remote access trojan (RAT) known as Remcos RAT has been found being propagated via webhards by disguising it as...
Case Study: The Cookie Privacy Monster in Big Global Retail
Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step...
Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer
Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called...
Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims
The operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year...
Latest Adblock Update Causes Massive Youtube Performance Hit
Adblock and Adblock Plus users report performance issues on YouTube, initially blamed on Google but later determined to be an...
Ivanti Connect Secure Zero Days Now Under Mass Exploitation
Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control (NAC) appliances are now under mass...
Us Court Docs Expose Fake Antivirus Renewal Phishing Tactics
In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus...
Over 178k Sonicwall Firewalls Vulnerable To Dos Potential Rce Attacks
Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service...
Windows Smartscreen Flaw Exploited To Drop Phemedrone Malware
A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL...
