News Archives • Page 436 of 631 • Daily CyberSecurity

North Korean Hackers Target South Korean Academics with New Chrome Extension Spyware malicious TRANSLATEXT extension

North Korean Hackers Target South Korean Academics with New Chrome Extension Spyware

Ddos July 1, 2024

Zscaler ThreatLabz, a leading cybersecurity research team, has uncovered a new cyber espionage campaign by the North...

CVE-2024-20399: Cisco NX-OS Zero-Day Vulnerability Under Active Attack

Ddos July 1, 2024

A zero-day vulnerability (CVE-2024-20399) has been discovered in Cisco NX-OS Software, the operating system powering a wide...

CVE-2024-6387: Critical OpenSSH Unauthenticated RCE Flaw ‘regreSSHion’ Exposes Millions of Linux Systems CVE-2024-6387 aka regreSSHion

CVE-2024-6387: Critical OpenSSH Unauthenticated RCE Flaw ‘regreSSHion’ Exposes Millions of Linux Systems

Ddos July 1, 2024

The Qualys Threat Research Unit (TRU) has detailed a severe security flaw, dubbed ‘regreSSHion,’ that leaves millions...

Google to Drop Entrust Certificates from Chrome Starting November 2024 Chrome Entrust Certificate

Google to Drop Entrust Certificates from Chrome Starting November 2024

Ddos July 1, 2024

In a significant move that underscores the critical nature of digital security, Google has announced that, starting...

PoC Exploit Published for Linux Kernel Privilege Escalation Flaw (CVE-2024-0193) Google Propeller LLVM integration, Profile-Guided Optimization (PGO) Linux Kernel AI, AI Code Guidelines CVE-2024-0193 PoC exploit

PoC Exploit Published for Linux Kernel Privilege Escalation Flaw (CVE-2024-0193)

Ddos June 30, 2024

A security researcher has released proof-of-concept (PoC) exploit code targeting a high-severity vulnerability (CVE-2024-0193) within the Linux...

CVE-2024-5261 (CVSS 10): LibreOffice Patches Critical Vulnerability in LibreOfficeKit

Ddos June 30, 2024

The Document Foundation, the organization behind the popular open-source office suite LibreOffice, has issued an urgent security...

Indirector – High-Precision Branch Target Injection Attacks: A New Threat to Intel CPUs Indirector attack

Indirector – High-Precision Branch Target Injection Attacks: A New Threat to Intel CPUs

Ddos June 30, 2024

Researchers at the University of California San Diego have published a groundbreaking paper detailing a new class...

Water Sigbin Threat Actor Targets Oracle WebLogic Servers to Deploy XMRig Cryptominer

Ddos June 30, 2024

Security researchers at Trend Micro have uncovered a sophisticated campaign by the Water Sigbin threat actor, also...

Critical Vulnerability in WebRTC Media Servers Threatens Real-Time Communication WebRTC Vulnerability

Critical Vulnerability in WebRTC Media Servers Threatens Real-Time Communication

Ddos June 30, 2024

A critical denial-of-service (DoS) vulnerability has been identified in media servers handling WebRTC’s DTLS-SRTP. This flaw, stemming...

Attackers Leveraging Public Cobalt Strike Profiles to Evade Detection Cobalt Strike Evade Detection

Attackers Leveraging Public Cobalt Strike Profiles to Evade Detection

Ddos June 30, 2024

In a recent report, Unit 42 researchers have revealed a concerning trend: threat actors are increasingly exploiting...

Microsoft Issues CVE Numbers for Cloud Service Vulnerabilities Microsoft Cloud Vulnerability

Microsoft Issues CVE Numbers for Cloud Service Vulnerabilities

Ddos June 30, 2024

In a move towards greater transparency and security, Microsoft has announced a new practice of assigning Common...

InnoLoader Malware Evades Detection Posing as Cracked Software

Ddos June 29, 2024

The AhnLab Security Intelligence Center (ASEC) has issued a warning about a new breed of malware that...

CVE-2024-36072 (CVSS 10): Unauthenticated RCE Flaw in CoSoSys Endpoint Protector CVE-2024-36072 Water Gamayun, MSC EvilTwin

CVE-2024-36072 (CVSS 10): Unauthenticated RCE Flaw in CoSoSys Endpoint Protector

Ddos June 28, 2024

CoSoSys, a leading data loss prevention (DLP) solutions provider, has urgently released patches to address four severe...

MerkSpy Spyware Campaign Exploits Microsoft Office Flaw

Ddos June 28, 2024

Cybersecurity researchers at FortiGuard Labs have uncovered a sophisticated cyberattack that leverages a known vulnerability in Microsoft...

TeamViewer Confirms Cyberattack by Notorious APT Group TeamViewer Cyberattack

TeamViewer Confirms Cyberattack by Notorious APT Group

Ddos June 27, 2024

TeamViewer, a remote control tool trusted by millions of users globally, has disclosed a significant cyberattack. A...

Critical Supply Chain Breach: Beware of Trojanized Notezilla, RecentX, Copywhiz Installers

Ddos June 27, 2024

Rapid7, a prominent cybersecurity firm, has uncovered a sophisticated supply chain attack targeting users of well-known Windows...

CVE-2024-2973 (CVSS 10): Juniper Session Smart Router Authentication Bypass Vulnerability

Ddos June 27, 2024

In a recent cybersecurity advisory, Juniper Networks disclosed a critical vulnerability identified as CVE-2024-2973, which has earned...

PoC Released for Unauthenticated RCE Vulnerability in TP-Link VIGI NVR4032H Network Video Recorder TP-Link VIGI NVR4032H Vulnerability

PoC Released for Unauthenticated RCE Vulnerability in TP-Link VIGI NVR4032H Network Video Recorder

Ddos June 27, 2024

A critical security vulnerability has been discovered in TP-Link’s VIGI NVR4032H network video recorder, a device widely...

UAC-0184’s XWorm RAT Campaign Targets Ukraine with Python and DLL Sideloading

Ddos June 27, 2024

The Cyble Research and Intelligence Labs (CRIL) has uncovered a persistent malware campaign specifically targeting Ukrainian individuals...

Avaya IP Office Users Urged to Patch Critical Flaws (CVE-2024-4196 & CVE-2024-4197)

Ddos June 27, 2024

The Avaya IP Office, a popular telephony system used by businesses worldwide, is facing a critical security...

Critical Alert 1 Active Exploit Detected Today