Google Patches High-Severity Chrome Vulnerability with Active Exploit—Update Immediately
Google Patches High-Severity Chrome Vulnerability with Active Exploit—Update Immediately
Tagged: exploit
Hackers Attempt to Exploit New SolarWinds Serv-U Bug in Log4Shell Attacks
Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets. Tracked...
Hackers Exploit Cloud Video Platform To Target Real Estate Websites
Researchers have discovered a severe supply-chain attack that plants web skimmers on real-estate websites via… Hackers Exploit Cloud Video Platform To Target Real Estate Websites on Latest Hacking News. click here to read full...
Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor
An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a hitherto undocumented PowerShell-based modular backdoor dubbed “CharmPower” for follow-on post-exploitation. “The actor’s...
Attackers Exploit Flaw in Google Docs’ Comments Feature
Attackers are using the “Comments” feature of Google Docs to send malicious links in a phishing campaign targeted primarily at Outlook users, researchers at Avanan have discovered. click here to read full Article Read...
What is a zero-day exploit and why should you care?
Zero-day exploits have been all over the news in recent years, and several foreign governments have been accused of enabling attacks on vulnerable network infrastructure in the U.S. and the European Union. Most recently,...
New Exploit Lets Malware Attackers Bypass Patch for Critical Microsoft MSHTML Flaw
A short-lived phishing campaign has been observed taking advantage of a novel exploit that bypassed a patch put in place by Microsoft to fix a remote code execution vulnerability affecting the MSHTML component with...
Chinese APT Hackers Used Log4Shell Exploit to Target Academic Institution
A never-before-seen China-based targeted intrusion adversary dubbed Aquatic Panda has been observed leveraging critical flaws in the Apache Log4j logging library as an access vector to perform various post-exploitation operations, including reconnaissance and credential harvesting on...
Chinese Hacker Group Uses Log4j Exploit to Target Academic Institution
A Chinese hacker group known for industrial espionage and intelligence collection used a vulnerability in Log4j to go after a large academic institution, researchers at CrowdStrike revealed Wednesday. click here to read full Article...
A New Exploit can Bypass Recently Patched MSHTML Flaw
Sophos Labs reported an exploit developed by hackers to bypass a critical flaw concerning the Microsoft Office file format. The attackers drop the Formbook malware on targeted systems. Microsoft had already fixed the security...
Latest Apple iOS Update Patches Remote Jailbreak Exploit for iPhones
Apple on Monday released updates to iOS, macOS, tvOS, and watchOS with security patches for multiple vulnerabilities, including a remote jailbreak exploit chain as well as a number of critical issues in the Kernel and Safari web browser that...
Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware
Romanian cybersecurity technology company Bitdefender on Monday revealed that attempts are being made to target Windows machines with a novel ransomware family called Khonsari as well as a remote access Trojan named Orcus by exploiting the recently disclosed...
BlackCat: A New Sophisticated Ransomware in Rust
Researchers unearth the first professional ransomware variant written in Rust dubbed BlackCat. It can target Windows, Linux, and VMWare ESXi systems. The threat group uses a double extortion model and looks for partners to...
ADenum – A Pentesting Tool That Allows To Find Misconfiguration Through The The Protocol LDAP And Exploit Some Of Those Weaknesses With Kerberos
AD Enum is a pentesting tool that allows to find misconfiguration through the protocol LDAP and exploit some of those weaknesses with Kerberos. cracking (john) -jp [path] John binary path -w [wordList] The path...
Expert disclosed an exploit for a new Windows zero-day local privilege elevation issue
A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that can be exploited by threat actors to achieve admin privileges. click here to read full Article...
How Attackers Exploit the Remote Desktop Protocol
The Remote Desktop Protocol (RDP) is one of the most popular communication protocols for remotely controlling systems. It didn’t take long before attackers realized this is a golden egg. click here to read full...
