Notorious French Hacker Faces Justice in U.S. for Major Frauds
Sebastien Raoult, 22, a citizen of Epinal, France, was arrested in Morocco in 2022 and extradited to the United States in 2023. According to the U.S. Department of Justice, Raoult...
Category: News
CVE-2023-6040: A Critical Linux Kernel Netfilter Vulnerability
The Linux Kernel has been hit by a significant security vulnerability, CVE-2023-6040, with a CVSS score of 7.8, impacting its netfilter component. Discovered by Lin Ma from Ant Security Light-Year...
CVE-2024-21591: Critical Pre-RCE Flaw Threatens Junos OS SRX and EX Series
Multiple vulnerabilities were identified in Juniper Junos OS, posing a range of threats from denial of service to remote code execution. CVE-2024-21611: A memory leak and eventually an rpd crash...
CVE-2024-0252 (CVSS 9.9): Zoho ManageEngine ADSelfService RCE Vulnerability
A new flaw has emerged, demanding immediate attention from IT professionals. Zoho‘s ManageEngine ADSelfService Plus, renowned for its integrated self-service password management and single sign-on capabilities for Active Directory and...
Taylor Swift Deepfake Scam: Fake Freebies Alert for Fans
In a digital world where reality is increasingly difficult to discern, a new scam leveraging the power of AI deepfake technology has emerged. This sophisticated scheme involves the creation of...
WorkersDevBackdoor Malware: The Hidden Threat in Online Ads
Detected by eSentire’s Threat Response Unit (TRU) in November 2023, WorkersDevBackdoor malware has been impacting the business services industry with its cunning distribution and destructive capabilities. The WorkersDevBackdoor spreads through...
DreamBus: The Linux-Based Malware Targeting Business Applications
Zscaler’s ThreatLabz research team detected a formidable adversary: DreamBus. A Linux-based malware family, DreamBus has been quietly evolving, honing its capabilities to exploit vulnerabilities in business applications. DreamBus, initially identified...
Medusa Ransomware: A Sinister Evolution in Cyber Extortion
The Medusa ransomware has emerged as a formidable adversary. Originating as a Ransomware-as-a-Service (RaaS) in late 2022, Medusa has rapidly evolved, primarily targeting Windows environments. This malicious software represents a...
CVE-2023-7028 & 5356: GitLab Addresses Account Takeover & Command Flaws
In the ever-evolving landscape of cyber threats, GitLab, a renowned player in the DevOps field, has recently taken decisive steps to fortify its defenses against a series of critical vulnerabilities....
NoaBot: A New Worm Targets Linux IoT Devices
In a recent report, Akamai, a leading cybersecurity firm, reveals that an unprecedented, self-repairing malware has compromised Linux devices globally over the past year, surreptitiously installing crypto-mining programs that ingeniously...
SEC Hack Exposes False Bitcoin Approval, Sowing Market Confusion
Yesterday, the SEC’s X account suddenly posted that it had approved at least one Bitcoin exchange-traded fund (ETF). For the cryptocurrency community, this is a long-awaited move and is expected...
Forcepoint X-Labs Exposes Advanced Microsoft Office Threat
Recently, Forcepoint X-Labs, a vanguard in cybersecurity, has unveiled an intricate cyber-attack targeting business leaders during a pivotal general election period. This sophisticated attack, discreetly veiled in an email about...
Critical Vulnerability CVE-2023-6875 Exposes Over 300,000 WordPress Sites to Site Takeover
Recently, a critical flaw named CVE-2023-6875 has emerged, targeting Post SMTP, a popular WordPress SMTP plugin, and posing a grave threat to over 300,000 websites. This vulnerability is not just...
Root Access Risk: Cisco Unity Connection’s CVE-2024-20272 Security Breach
A critical security flaw was found in the Cisco Unity Connection software. Identified as CVE-2024-20272, this vulnerability allows unauthenticated attackers could gain root privileges on unpatched devices. Cisco Unity Connection...
Ivanti’s Critical Security Alert: Two Zero-Days Exploited in the Wild
Ivanti, a well-known software company, has revealed two critical zero-day vulnerabilities in its Connect Secure and Policy Secure products. These vulnerabilities are already exploited by attackers. The first of these...
