by do son · Published November 6, 2024
In a critical security advisory, Cisco has disclosed a command injection vulnerability in its Unified Industrial Wireless Software used for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. Identified as CVE-2024-20418,...
by do son · Published November 5, 2024
In a recent analysis, cybersecurity researchers Hichem Maloufi and Christian Mina detailed CVE-2024-44258, a symlink vulnerability affecting Apple’s ManagedConfiguration framework and the profiled daemon. This vulnerability allows attackers to manipulate...
by do son · Published November 5, 2024
A recent analysis from Hybrid Analysis, led by security researcher Vlad Pasca, reveals a newly identified keylogger malware attributed to the North Korean APT group Andariel. Known for their targeted...
In a new report, Cleafy’s Threat Intelligence team has detailed the emergence of a banking trojan known as ToxicPanda, a sophisticated Android malware that has quickly gained prominence by targeting...
by do son · Published November 5, 2024
In a recent report, Cloudflare reveals details about the threat actor LameDuck (Anonymous Sudan), a pro-Islamic, anti-Western group responsible for over 35,000 DDoS attacks against targets worldwide. Active since January...
by do son · Published November 5, 2024
Google has just released an update for its Chrome web browser, addressing two high-severity vulnerabilities that malicious actors could exploit. Users are strongly urged to update their browsers immediately to...
In a recent analysis, the SonicWall Capture Labs threat research team revealed the insidious capabilities of Stealc, an infostealer malware designed to steal credentials, cryptocurrency, and other sensitive data. This...
by do son · Published November 5, 2024
The S2 Research Team at Team Cymru has recently shed light on an escalating threat in the cybersecurity landscape: Operational Relay Box (ORB) networks. Defined as a hybrid between a...
by do son · Published November 5, 2024
Active Directory (AD) remains a core component of enterprise environments, and as such, understanding its vulnerabilities is crucial for both attackers and defenders. Enter Cable, a streamlined, open-source post-exploitation tool...
by do son · Published November 5, 2024
In a recent publication, cybersecurity engineer Adan explores a potentially underappreciated security risk in Amazon Web Services (AWS) through the IAM Roles Anywhere feature. Introduced in July 2022, IAM Roles...
by do son · Published November 5, 2024
In a recent report by cybersecurity expert Nimantha Deshappriya, details have emerged about a sustained cyber-espionage campaign orchestrated by the advanced persistent threat (APT) group known as SideWinder, also referred...
by do son · Published November 5, 2024
A recent blog by security researcher Hossam Ehab has detailed an advanced technique for process injection through manipulation of the Kernel Callback Table within the Process Environment Block (PEB) on...
by do son · Published November 5, 2024
LastPass, a leading password management platform, has issued a critical warning to users about a social engineering campaign targeting its customer base through deceptive reviews on its Chrome Web Store...
by do son · Published November 5, 2024
The Federal Bureau of Investigation (FBI) Atlanta Division has issued an urgent warning to the public about a surge in cybercriminals exploiting “Remember-Me” cookies to gain unauthorized access to email...
by do son · Published November 4, 2024
In its November 2024 security update, Google has addressed 40 security vulnerabilities in the Android operating system, two of which are flagged as actively exploited: CVE-2024-43047 and CVE-2024-43093. Google’s bulletin...
Support Securityonline.info site. Thanks!
