The notorious espionage group Daggerfly, also known as Evasive Panda and Bronze Highland, has undergone a significant overhaul of its cyber arsenal, likely spurred by the public disclosure of its older malware variants. According...
Google has rolled out the latest version of its renowned browser, Chrome 127. This release brings a host of improvements, prominently featuring 24 security-related fixes. Available for Windows, macOS, and Linux, the new update...
Halcyon’s research team has identified a new ransomware group dubbed “Volcano Demon,” responsible for a series of recent attacks. The group’s ransomware, LukaLocker, encrypts files with the .nba extension and targets both Windows and...
The notorious Mallox ransomware gang, known for their aggressive multi-extortion tactics, has expanded their arsenal with a new Linux variant. This marks a significant shift for the group, which traditionally targeted Windows systems with...
The Qualys Threat Research Unit (TRU) has detailed a severe security flaw, dubbed ‘regreSSHion,’ that leaves millions of Linux systems vulnerable to remote code execution. The vulnerability, identified as CVE-2024-6387, affects OpenSSH’s server (sshd)...
A new ransomware-as-a-service (RaaS) called RansomHub has emerged, targeting Windows, Linux, and ESXi operating systems. This multi-OS capability makes it a significant threat to a wide range of organizations. RansomHub affiliates are offered a...
Trend Micro’s threat-hunting team has uncovered a new Linux variant of the TargetCompany ransomware, marking a significant escalation in the group’s tactics. Known for primarily targeting Windows systems, this evolution underscores the growing trend...
An independent security researcher published the technical details and a proof-of-concept (PoC) code for a vulnerability, identified as CVE-2023-3390, which has been discovered in the Linux kernel, leaving systems susceptible to local privilege escalation...
Security researcher Siddharth Dushantha has uncovered a vulnerability in WinRAR, the popular file compression software, that could be exploited to deceive users or even cause system crashes. The vulnerability, which affects the console versions...
The technical details and proof-of-concept (PoC) exploit code has been released for a significant vulnerability, designated CVE-2024-0582 (CVSS 7.8) in the Linux kernel. The flaw, affecting versions 6.4 through 6.6, could allow attackers with local...
A serious security vulnerability, dubbed “WallEscape” (CVE-2024-28085), has been uncovered in the essential Linux system utilities package, util-linux. This package is a cornerstone of Linux operating systems, providing tools for fundamental tasks like managing...
Researchers from Vrije Universiteit Amsterdam and IBM Research Europe have uncovered a new security vulnerability dubbed “GhostRace” (CVE-2024-2193) that exposes a critical flaw in the foundational elements of operating system security: synchronization primitives. This...
A recent security review of the DNF package manager, a core component of many Linux distributions, uncovered two critical vulnerabilities that could allow attackers to gain complete control of affected systems. These vulnerabilities, found...
Two new vulnerabilities (CVE-2023-52160, CVE-2023-52161) in open-source WiFi software are allowing attackers to trick victims into connecting to evil twins of trusted networks intercept their traffic, and join otherwise secure networks without needing the...
The GNU C Library (glibc), a fundamental component in major Linux distributions, has a critical vulnerability, CVE-2023-6246. This local privilege escalation (LPE) vulnerability has sent ripples through the Linux community. The core of this...
Support Securityonline.info site. Thanks!
