Palo Alto Products Remote Code Execution Vulnerability
A vulnerability has been identified in Palo Alto Products. A remote attacker can exploit this vulnerability to trigger remote code execution on...
News
Active Exploitation of Critical Vulnerability in Palo Alto Networks PAN-OS Software
Palo Alto Networks has disclosed a critical vulnerability (CVE-2024-3400) affecting their PAN-OS software used in its GlobalProtect gateways. The vulnerability...
How Microsoft discovers and mitigates evolving attacks against AI guardrails
As we continue to integrate generative AI into our daily lives, it’s important to understand the potential harms that can...
Active Exploitation of Vulnerabilities in D-Link Products
D-Link has disclosed two vulnerabilities (CVE-2024-3272 & CVE-2024-3273) in their network-attached storage (NAS) devices. These vulnerabilities are reportedly being actively...
Critical Vulnerability in Rust Standard Library
Rust has released an update to address a critical vulnerability (CVE-2024-24576) affecting the Rust standard library. The vulnerability has a...
Apr 2024 Monthly Patch
Microsoft has released security patches to address multiple vulnerabilities in their software and products.The vulnerabilities that have been classified as...
Interactive administration in the cloud: managing the risks
Interactive administration in the cloud: managing the risks In the NCSC’s cloud platforms guidance (and most recently in our lift...
Multiple Vulnerabilities in HTTP/2 Protocol
A security researcher has disclosed a new Denial-of-Service (DoS) attack method which exploits HTTP/2 protocols affected by a class of...
Microsoft Monthly Security Update (April 2024)
Microsoft has released monthly security update for their products: Vulnerable ProductRisk LevelImpactsNotesBrowser Low RiskSpoofing Windows High RiskSecurity Restriction Bypass Remote Code Execution...
US-CERT Vulnerability Summary for the Week of April 1, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Critical Vulnerability in WordPress LayerSlider Plugin
LayerSlider has released updates to address a critical vulnerability (CVE-2024-2879) affecting their LayerSlider plugin for WordPress. The vulnerability has a...
US-CERT Vulnerability Summary for the Week of March 25, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Multiple High Severity Vulnerabilities in Cisco IOS and IOS XE Software
Cisco has released updates addressing multiple high severity vulnerabilities (CVE-2024-20311, CVE-2024-20314, CVE-2024-20307, CVE-2024-20308, CVE-2024-20259, CVE-2024-20303) affecting their IOS and IOS...
Critical Vulnerability in XZ Utils
Security researchers have disclosed a critical vulnerability (CVE-2024-3094) in XZ Utils used in Linux distributions. The vulnerability has a Common...
Dinodasrat Malware Targets Linux Servers In Espionage Campaign
Security researchers have observed Red Hat and Ubuntu systems being attacked by a Linux version of the DinodasRAT (also known...
Vultur Banking Malware For Android Poses As Mcafee Security App
Security researchers found a new version of the Vultur banking trojan for Android that includes more advanced remote control capabilities...
Atandt Confirms Data For 73 Million Customers Leaked On Hacker Forum
AT&T has finally confirmed it is impacted by a data breach affecting 73 million current and former customers after initially...
Red Hat Warns Of Backdoor In Xz Tools Used By Most Linux Distros
Today, Red Hat warned users to immediately stop using systems running Fedora development and experimental versions because of a backdoor found...
Activision Enable 2fa To Secure Accounts Recently Stolen By Malware
An infostealer malware campaign has collected millions of logins from users of various gaming websites, including players that use cheats,...
One Year Later Rhadamanthys Is Still Dropped Via Malvertising
It was just a little over a year ago that the Rhadamanthys stealer was first publicly seen distributed via malicious...
Massive Utility Scam Campaign Spreads Via Online Ads
For many households, energy costs represent a significant part of their overall budget. And when customers want to discuss their...
Remote Monitoring Management Software Used In Phishing Attacks
Remote Monitoring & Management (RMM) software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today,...
Stopping A Targeted Attack On A Managed Service Provider Msp With Threatdown Mdr
In late January 2024, the ThreatDown Managed Detection and Response (MDR) team found and stopped a three-month long malware campaign...
Ransomware Review March 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
