Zero-Day Vulnerabilities: Real-World Example and Risks
Understand ‘What Is a Zero-Day Vulnerability? Real-World Example and Risk Explained’. We explore the risks and consequences of these threats in our Ultimate Guide.
Tagged: exploits
CISA Warns of Imminent Exploits on Zabbix Monitoring Tool’s Recent Vulnerabilities
This week, CISA updated Known Exploited Vulnerabilities Catalog by adding two flaws emanating from Zabbix monitoring solution. The two vulnerabilities, CVE-2022-23134 and CVE-2022-23131 could allow attackers to bypass security authentication and attack Zabbix. The...
New Phishing Campaign Exploits Google Docs Comment Feature
Researchers have identified a new phishing attack where the hackers exploit the Google Docs Comment… New Phishing Campaign Exploits Google Docs Comment Feature on Latest Hacking News. click here to read full Article Read...
NHS Warns of Threat Actor Targeting VMware Horizon Servers via Log4Shell Exploits
The security team of the U.K NHS said that it detected an unknown threat actor using the Log4Shell vulnerability to hack VMWare Horizon servers and plant web shells for future attacks. click here to...
New BLISTER Malware Loader Exploits Valid Code Signing Certificate
The newly discovered BLISTER malware loader leverages valid code signing certificates to evade detection. Consequently,… New BLISTER Malware Loader Exploits Valid Code Signing Certificate on Latest Hacking News. click here to read full Article...
New Log4j Attack Vector Exploits WebSocket To Trigger RCE – Update to Log4j 2.17.0
Shedding light on alternative exploit strategies for the chaotic Log4j vulnerability, researchers have devised a… New Log4j Attack Vector Exploits WebSocket To Trigger RCE – Update to Log4j 2.17.0 on Latest Hacking News. click...
TellYouThePass ransomware resurges and exploits Log4Shell in recent attacks
Researchers from KnownSec and Sangfor reported that the TellYouThePass ransomware resurged and is exploiting the Apache Log4j CVE-2021-44228 flaw to target both Linux and Windows systems. click here to read full Article Read more...
‘Vaccine’ For Apache Log4j Vulnerability Released Amidst Active Exploits
As the critical “Log4Shell” bug stirs up the internet, the cybersecurity community is rushing for… ‘Vaccine’ For Apache Log4j Vulnerability Released Amidst Active Exploits on Latest Hacking News. click here to read full Article...
How to defend against TCP port 445 and other SMB exploits
How to defend against TCP port 445 and other SMB exploits click here to read full Article Read More on latest Security Updates
Cybercriminals discuss new business model for zero-day exploits
The potential new service is a product of the highly profitable zero-day market, where researchers have seen multimillion-dollar price tags for vulnerabilities and exploits. click here to read full Article Read More on latest...
Scammers Leverage Fake SS7 Exploits to Boost Their Revenue
Analysts at SOS Intelligence found several underground forums offering fake exploits for SS7 vulnerabilities. During the investigation, the researchers uncovered 84 unique onion domains claiming to offer the fake exploit tool. click here to...
Golang-based BotenaGo Malware Targets IoT Devices With Dozens Of Exploits
“BotenaGo” new Golang malware is in the wild and focusses on attacking IoT devices. The… Golang-based BotenaGo Malware Targets IoT Devices With Dozens Of Exploits on Latest Hacking News. click here to read full...
New Spear-Phishing Campaign Exploits Glitch Platform to Steal Employee Credentials
The campaign appears to be targeting only employees working in the Middle East as “a single campaign” in a series of similar, SharePoint-themed phishing scams, researcher Chad Anderson wrote. click here to read full...
Ransomware Gangs Offer Millions to Buy Zero-Day Exploits Akin to State-Backed Actors
Knowledge about vulnerabilities and exploits can command a high price on underground forums because being able to take advantage of them can be very profitable for cybercriminals. click here to read full Article Read...
AMD Fixes Dozens Of Security Exploits In Its Windows 10 Graphics Driver
AMD recently patched more than a dozen of high-risk vulnerabilities discovered in its Graphics Driver for Windows 10, which could have allowed hackers to perform privilege escalation attacks or execute arbitrary code on the...
New Phishing Campaign Exploits Proofpoint’s Name To Steal Credentials
Phishing attacks keep surfacing online with innovative ways to trick users. The latest phishing campaign… New Phishing Campaign Exploits Proofpoint’s Name To Steal Credentials on Latest Hacking News. click here to read full Article...
