This week, CISA updated Known Exploited Vulnerabilities Catalog by adding two flaws emanating from Zabbix monitoring solution. The two vulnerabilities, CVE-2022-23134 and CVE-2022-23131 could allow attackers to bypass security authentication and attack Zabbix. The...
Researchers have identified a new phishing attack where the hackers exploit the Google Docs Comment… New Phishing Campaign Exploits Google Docs Comment Feature on Latest Hacking News. click here to read full Article Read...
The security team of the U.K NHS said that it detected an unknown threat actor using the Log4Shell vulnerability to hack VMWare Horizon servers and plant web shells for future attacks. click here to...
The newly discovered BLISTER malware loader leverages valid code signing certificates to evade detection. Consequently,… New BLISTER Malware Loader Exploits Valid Code Signing Certificate on Latest Hacking News. click here to read full Article...
Shedding light on alternative exploit strategies for the chaotic Log4j vulnerability, researchers have devised a… New Log4j Attack Vector Exploits WebSocket To Trigger RCE – Update to Log4j 2.17.0 on Latest Hacking News. click...
Researchers from KnownSec and Sangfor reported that the TellYouThePass ransomware resurged and is exploiting the Apache Log4j CVE-2021-44228 flaw to target both Linux and Windows systems. click here to read full Article Read more...
As the critical “Log4Shell” bug stirs up the internet, the cybersecurity community is rushing for… ‘Vaccine’ For Apache Log4j Vulnerability Released Amidst Active Exploits on Latest Hacking News. click here to read full Article...
How to defend against TCP port 445 and other SMB exploits click here to read full Article Read More on latest Security Updates
The potential new service is a product of the highly profitable zero-day market, where researchers have seen multimillion-dollar price tags for vulnerabilities and exploits. click here to read full Article Read More on latest...
Analysts at SOS Intelligence found several underground forums offering fake exploits for SS7 vulnerabilities. During the investigation, the researchers uncovered 84 unique onion domains claiming to offer the fake exploit tool. click here to...
“BotenaGo” new Golang malware is in the wild and focusses on attacking IoT devices. The… Golang-based BotenaGo Malware Targets IoT Devices With Dozens Of Exploits on Latest Hacking News. click here to read full...
The campaign appears to be targeting only employees working in the Middle East as “a single campaign” in a series of similar, SharePoint-themed phishing scams, researcher Chad Anderson wrote. click here to read full...
Knowledge about vulnerabilities and exploits can command a high price on underground forums because being able to take advantage of them can be very profitable for cybercriminals. click here to read full Article Read...
AMD recently patched more than a dozen of high-risk vulnerabilities discovered in its Graphics Driver for Windows 10, which could have allowed hackers to perform privilege escalation attacks or execute arbitrary code on the...
Phishing attacks keep surfacing online with innovative ways to trick users. The latest phishing campaign… New Phishing Campaign Exploits Proofpoint’s Name To Steal Credentials on Latest Hacking News. click here to read full Article...
Palo Alto Networks discovered that Emissary Panda, a hacking group with ties to China, is exploiting Zoho software flaws in the networks of at least nine organizations in the defense, energy, technology, healthcare, and...
