Category: Uncategorized
-

Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts [email protected] (The Hacker News)
Cybersecurity researchers have flagged a “critical” security vulnerability in Microsoft’s multi-factor authentication (MFA) implementation that allows an attacker to trivially sidestep the protection and gain unauthorized access to a victim’s account. “The bypass was simple: it took around an hour to execute, required no user interaction and did not generate any notification or provide theRead…
-

ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms [email protected] (The Hacker News)
Cybersecurity researchers have discovered a new version of the ZLoader malware that employs a Domain Name System (DNS) tunnel for command-and-control (C2) communications, indicating that the threat actors are continuing to refine the tool after resurfacing a year ago. “Zloader 2.9.4.0 adds notable improvements including a custom DNS tunnel protocol for C2 communications and an…
-

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017 [email protected] (The Hacker News)
Cybersecurity researchers have discovered a novel surveillance program that’s suspected to be used by Chinese police departments as a lawful intercept tool to gather a wide range of information from mobile devices. The Android tool, codenamed EagleMsgSpy by Lookout, has been operational since at least 2017, with artifacts uploaded to the VirusTotal malware scanning platform…
-

Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia [email protected] (The Hacker News)
A suspected China-based threat actor has been linked to a series of cyber attacks targeting high-profile organizations in Southeast Asia since at least October 2023. The espionage campaign targeted organizations in various sectors spanning government ministries in two different countries, an air traffic control organization, a telecoms company, and a media outlet, the Symantec Threat…
-
Mitel MiCollab Unauthorized Access Attack
Security flaws in Mitel MiCollab, CVE-2024–35286, CVE-2024–41713, and an arbitrary file read zero-day (still without a CVE number) have been found, putting many organizations at risk. These vulnerabilities allow attackers to bypass authentication and access files on affected servers, revealing sensitive information that could expose organizations to serious security risks.Read More
-

Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability [email protected] (The Hacker News)
Microsoft closed out its Patch Tuesday updates for 2024 with fixes for a total of 72 security flaws spanning its software portfolio, including one that it said has been exploited in the wild. Of the 72 flaws, 17 are rated Critical, 54 are rated Important, and one is rated Moderate in severity. Thirty-one of the…
-

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls [email protected] (The Hacker News)
The U.S. government on Tuesday unsealed charges against a Chinese national for allegedly breaking into thousands of Sophos firewall devices globally in 2020. Guan Tianfeng (aka gbigmao and gxiaomao), who is said to have worked at Sichuan Silence Information Technology Company, Limited, has been charged with conspiracy to commit computer fraud and conspiracy to commit…
-

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities [email protected] (The Hacker News)
Ivanti has released security updates to address multiple critical flaws in its Cloud Services Application (CSA) and Connect Secure products that could lead to privilege escalation and code execution. The list of vulnerabilities is as follows – CVE-2024-11639 (CVSS score: 10.0) – An authentication bypass vulnerability in the admin web console of Ivanti CSA before…
-
Webhook security: Risks and best practices for mitigation
Post ContentRead More
-

Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged [email protected] (The Hacker News)
Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of threat actors exploiting the issue en masse on December 3, 2024. The vulnerability, which impacts…
