Category: Uncategorized
-
37 Vulnerabilities Patched in Android Ionut Arghire
Android’s June 2024 security update resolves 37 vulnerabilities, including high-severity flaws in Framework and System. The post 37 Vulnerabilities Patched in Android appeared first on SecurityWeek. Read More
-

DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks [email protected] (The Hacker News)
Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have shifted away from AutoIt scripts to an AutoHotkey mechanism to deliver the last stages, underscoring continued efforts on the part of the threat actors to continuously stay ahead of the detection curve. The updates have been observed in version 6 of DarkGate released in March 2024…
-

Oracle WebLogic Server OS Command Injection Flaw Under Active Attack [email protected] (The Hacker News)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2017-3506 (CVSS score: 7.4), the issue concerns an operating system (OS) command injection vulnerability that could be exploited to obtain unauthorizedRead More
-
Mandiant: Ransomware investigations up 20% in 2023
Post ContentRead More
-
Hugging Face tokens exposed, attack scope unknown
Post ContentRead More
-

Researchers Uncover RAT-Dropping npm Package Targeting Gulp Users [email protected] (The Hacker News)
Cybersecurity researchers have uncovered a new suspicious package uploaded to the npm package registry that’s designed to drop a remote access trojan (RAT) on compromised systems. The package in question is glup-debugger-log, which targets users of the gulp toolkit by masquerading as a “logger for gulp and gulp plugins.” It has been downloaded 175 times…
-

Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet [email protected] (The Hacker News)
Law enforcement authorities behind Operation Endgame are seeking information related to an individual who goes by the name Odd and is allegedly the mastermind behind the Emotet malware. Odd is also said to go by the nicknames Aron, C700, Cbd748, Ivanov Odd, Mors, Morse, Veron over the past few years, according to a video released…
-
Identities of Cybercriminals Linked to Malware Loaders Revealed Ionut Arghire
Law enforcement reveals the identities of eight cybercriminals linked to recently disrupted malware loaders. The post Identities of Cybercriminals Linked to Malware Loaders Revealed appeared first on SecurityWeek. Read More
-
PoC Published for Exploited Check Point VPN Vulnerability Ionut Arghire
PoC code targeting a recent Check Point VPN zero-day has been released as Censys identifies 14,000 internet-accessible appliances. The post PoC Published for Exploited Check Point VPN Vulnerability appeared first on SecurityWeek. Read More
-

SASE Threat Report: 8 Key Findings for Enterprise Security [email protected] (The Hacker News)
Threat actors are evolving, yet Cyber Threat Intelligence (CTI) remains confined to each isolated point solution. Organizations require a holistic analysis across external data, inbound and outbound threats and network activity. This will enable evaluating the true state of cybersecurity in the enterprise. Cato’s Cyber Threat Research Lab (Cato CTRL, see more details below) has…
