Google Cloud Services Disrupted in UK Due to Power Outage
A power outage at a Google data center in London led to a significant disruption of Google Cloud Platform (GCP) and Workspace services for users in the UK on August...
Category: News
Zabbix Addresses Multi Vulnerabilities, Including RCE CVE-2024-36461 (CVSS 9.1) Flaw
Zabbix, the widely-used open-source monitoring solution, has released a series of security updates addressing critical vulnerabilities, most notably CVE-2024-36461, which carries a CVSS score of 9.1. This vulnerability allows users...
AndroCon: New Study Shows How Your Phone Can Track Your Every Move, Even Indoors
A recent study titled “AndroCon: Conning Location Services in Android” has revealed a disturbing trend: smartphones can be covertly used to monitor users, creating highly accurate maps of their living...
X Faces GDPR Heat Over AI Training on 60 Million European Users’ Data
European privacy advocacy organization NOYB has recently lodged a complaint with EU regulators against Elon Musk’s social media platform, X/Twitter, accusing it of violating users’ privacy rights. The complaint centers...
BYOVDLL: New Exploit Bypasses Microsoft’s LSASS Defenses
In July 2022, Microsoft made modifications to its Protected Process Light (PPL) system aimed at mitigating a vulnerability that allowed bypassing the protection of LSASS, a critical process responsible for...
CVE-2024-22116 (CVSS 9.9): Critical RCE Vulnerability Found in Zabbix Monitoring Solution
Zabbix, a widely-adopted open-source solution for enterprise-level IT infrastructure monitoring, has disclosed a critical security vulnerability that could lead to full system compromise. The vulnerability, identified as CVE-2024-22116 and assigned...
Akamai Unveils New VPN Post-Exploitation Techniques: Major Vulnerabilities Discovered in Ivanti and FortiGate VPNs
Akamai researchers have exposed a series of vulnerabilities and techniques that could allow threat actors to further escalate their attacks after compromising a Virtual Private Network (VPN) server. The analysis...
Security Flaw in PostgreSQL: CVE-2024-7348 Allows Arbitrary SQL Execution
The PostgreSQL project has issued a security advisory, warning users of a serious vulnerability (CVE-2024-7348). The flaw, which carries a CVSS score of 8.8, exposes users to the risk of...
From 7,000 to 13,000: The Alarming Growth of the 7777 Botnet
Security researchers from Team Cymru have identified a significant expansion in the activities of the “7777” botnet, first detected in October 2023 and named for its use of TCP port...
GhostWrite: New RISC-V Vulnerability Enables Full Device Takeover
A team of researchers from the CISPA Helmholtz Center for Information Security has disclosed a critical vulnerability, named GhostWrite, affecting T-Head XuanTie C910 and C920 RISC-V CPUs. This hardware-level flaw...
New APT Group ‘Actor240524’ Targets Azerbaijan and Israel with Advanced Tactics
A sophisticated cyber espionage campaign targeting Azerbaijan and Israel has been linked to a previously unidentified advanced persistent threat (APT) group, designated as ‘Actor240524’ by NSFOCUS Security Labs. Actor240524 distinguishes...
Windows Users Beware: CVE-2024-6768 – New ‘Blue Screen of Death’ Vulnerability Affects All
A newly discovered vulnerability in the Windows operating system has raised concerns among cybersecurity experts due to its potential to trigger the infamous “Blue Screen of Death” (BSOD). Identified as...
New Phishing Campaign Deploys PureHVNC and Other Malware, Targets Sensitive Data
Cybersecurity researchers from FortiGuard Labs have discovered a sophisticated phishing campaign that utilizes a multi-stage execution flow and various evasion techniques to deliver multiple strains of malware, including the remote...
Ransomware Gangs’ New Tactic: Weaponizing Legitimate Entities
According to Sophos, cybercriminals are continually refining their methods of exerting pressure on victims. Over the past three years, the tactics employed by ransomware operators have undergone significant changes, becoming...
QuickShell Security Flaw Exposes Google Quick Share Users to Remote Attacks
Google’s Quick Share, a popular tool for file sharing across Android, Windows, and Chrome OS devices, has recently come under scrutiny following the discovery of serious security vulnerabilities. Dubbed “QuickShell,”...
