attacks

  • Blog

    ‘Adversary in the middle attacks’ are becoming hackers’ go-to method to bypass MFA

    Microsoft has announced it has taken legal action to disrupt over 240 fraudulent websites owned by an Egypt-based cyber crime group, noting the tactics deployed in the DIY phishing operation reflect a broader shift in the industry. The firm published a blog revealing its Digital Crimes Units (DCU) had disrupted the pages associated with Abanoub Nady, known online as MRxC0DER,…

    Read More »
  • Blog

    Oracle warns of Agile PLM file disclosure flaw exploited in attacks

    Oracle has fixed an unauthenticated file disclosure flaw in Oracle Agile Product Lifecycle Management (PLM) tracked as CVE-2024-21287, which was actively exploited as a zero-day to download files. Oracle Agile PLM is a software platform that enables businesses to manage product data, processes, and collaboration across global teams. Yesterday, Oracle urged Agile PLM customers to install the latest version to fix the…

    Read More »
  • Blog

    CISA tags Progress Kemp LoadMaster flaw as exploited in attacks

    The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has added three new flaws in its Known Exploited Vulnerabilities (KEV) catalog, including a critical OS command injection impacting Progress Kemp LoadMaster. The flaw, discovered by Rhino Security Labs and tracked as CVE-2024-1212, was addressed via an update released on February 21, 2024. However, this is the first report of it being under…

    Read More »
  • Blog

    Apple fixes two zero-days used in attacks on Intel-based Macs

    Apple released emergency security updates to fix two zero-day vulnerabilities that were exploited in attacks on Intel-based Mac systems. “Apple is aware of a report that this issue may have been exploited,” the company said in an advisory issued on Tuesday. The two bugs were found in the macOS Sequoia JavaScriptCore (CVE-2024-44308) and WebKit (CVE-2024-44309) components of macOS. The JavaScriptCore CVE-2024-44308 flaw allows…

    Read More »
  • Blog

    Critical RCE bug in VMware vCenter Server now exploited in attacks

    ​Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. TZL security researchers reported the RCE vulnerability (CVE-2024-38812) during China’s 2024 Matrix Cup hacking contest. It is caused by a heap overflow weakness in the vCenter’s DCE/RPC protocol implementation and affects products containing vCenter, including VMware vSphere…

    Read More »
  • Blog

    Palo Alto Networks warns of critical RCE zero-day exploited in attacks

    Palo Alto Networks is warning that a critical zero-day vulnerability on Next-Generation Firewalls (NGFW) management interfaces, currently tracked as ‘PAN-SA-2024-0015,’ is actively being exploited in attacks. The flaw was originally disclosed on November 8, 2024, with Palo Alto Networks warning customers to restrict access to their next-generation firewalls because of a “potential” remote code execution (RCE) vulnerability impacting them. No signs…

    Read More »
  • Blog

    CISA warns of more Palo Alto Networks bugs exploited in attacks

    CISA warned today that two more critical security vulnerabilities in Palo Alto Networks’ Expedition migration tool are now actively exploited in the wild. Attackers can use the two unauthenticated command injection (CVE-2024-9463) and SQL injection (CVE-2024-9465) vulnerabilities to hack into unpatched systems running the company’s Expedition migration tool, which helps migrate configurations from Checkpoint, Cisco, and other supported vendors. While…

    Read More »
  • Blog

    API attacks are spiraling out of control

    More than eight-in-ten UK organizations experienced an API attack last year, according to new research, and it’s costing them a fortune to remediate. Analysis from Akamai found that the number of API-related attacks soared from 69% in 2023 to 83% this year – and the situation’s worse when it comes to the UK’s critical infrastructure. The study noted that 94.1%…

    Read More »
  • Blog

    Critical bug in EoL D-Link NAS devices now exploited in attacks

    ​Attackers now target a critical severity vulnerability with publicly available exploit code that affects multiple models of end-of-life D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-10914, the command injection vulnerability was found by security researcher Netsecfish, who also shared exploitation details and said that unauthenticated attackers could exploit it to inject arbitrary shell commands by sending malicious HTTP GET requests…

    Read More »
  • Blog

    Microsoft patches Windows zero-day exploited in attacks on Ukraine

    Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities. The security flaw (CVE-2024-43451) is an NTLM Hash Disclosure spoofing vulnerability reported by ClearSky security researchers, which can be exploited to steal the logged-in user’s NTLMv2 hash by forcing connections to a remote attacker-controlled server. ClearSky spotted this campaign in…

    Read More »
Back to top button
close