Nation-State Actors Exploited Ivanti Bugs to Hit MITRE

The MITRE Corporation on Friday disclosed a breach impacting one of its collaborative networks used for research, development and prototyping. MITRE said in January attackers had exploited two known Ivanti Connect Secure vulnerabilities in order to deploy sophisticated backdoors and harvest credentials. MITRE, a nonprofit organization that manages federally funded research and development centers supporting …

Malicious PyPI Package Attacking Discord Users To Steal Credentials

Hackers often target PyPI packages to exploit vulnerabilities and inject malicious code into widely used Python libraries. Recently, cybersecurity researchers at FortiGuard Labs identified a malicious PyPI package attacking Discord users to steal credentials. The malicious PyPI package that was discovered is described as “discordpy_bypass-1.7,” published on March 10th, 2024, and detected on March 12, …

Beware Of Weaponized Zip Files That Deliver WINELOADER Malware

APT29, a Russian threat group, targeted German political parties with a new backdoor called WINELOADER using spear-phishing emails containing malicious links to ZIP files hosted on compromised websites. The ZIP files deployed an HTA that initiated a multi-stage infection chain, delivering WINELOADER. The backdoor has functionalities for communication with command and control servers and utilizes …

Citrix UberAgent Flaw Let Attackers Elevate Privileges

A significant vulnerability has been identified in Citrix’s monitoring tool, uberAgent. If exploited, this flaw could allow attackers to escalate their privileges within the system, posing a serious risk to organizations using affected software versions.

CVE-2024-3902 – Privilege escalation vulnerability in Citrix uberAgent

The vulnerability, tracked under CVE-2024-3902, affects specific versions of Citrix uberAgent. …

Hackers Group Claims To Have Broke Into IDF & Stolen Documents

Anonymous claims a successful cyberattack against the Israeli Defence Force (IDF), gaining access to 20 gigabytes of data, which allegedly includes over 233,000 military documents in various formats, like PDFs, Word files, and presentations. The IDF considers the authenticity of the claim dubious and suspects a psychological warfare tactic. They reason that their layered, secure …

VMware ESXi Shell Service Exploit on Hacking Forums: Patch Now

A new exploit targeting VMware ESXi Shell Service has been discovered and is circulating on various hacking forums. This vulnerability poses a significant risk to organizations using VMware for their virtual environments, potentially allowing unauthorized access and control over virtual machines. The exploit, which explicitly targets the VMware ESXi Shell Service, was reported in a …

Windows MagicDot Path Flaw Lets Attackers Gain Rootkit-Like Abilities

A new vulnerability has been unearthed, allowing attackers to gain rootkit-like abilities on Windows systems without requiring administrative privileges. Dubbed “MagicDot,” this vulnerability exploits the DOS-to-NT path conversion process within the Windows operating system. Here, we delve into the technical details of the vulnerability, the attack methods, the rootkit-like abilities it confers, and the mitigation …

ACDS Launches Revolutionary OBSERVATORY Solution: Redefining Attack Surface Management

Advanced Cyber Defence Systems (ACDS) has unveiled its groundbreaking Attack Surface Management (ASM) solution: OBSERVATORY. Engineered with a comprehensive three-pronged approach—Discovery, Validation, and Insight—OBSERVATORY offers an unparalleled level of network security. As the number of internet-connected devices explodes, organisations struggle to keep track of and secure them before attackers strike. Shockingly, surveys show 69% of companies …

CrushFTP Servers Zero-day Under Active Attack: Update Now

CrushFTP is a file transfer server that supports secure protocols, offers easier configuration, and includes powerful monitoring tools. It also provides a web interface that allows users to transfer files using a web browser. A critical vulnerability associated with FileSystem escape has been discovered and addressed in the latest version. This particular vulnerability allows any …