vulnerability

Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor

Aug 20, 2024 by iHash Leave a Comment

Aug 20, 2024Ravie LakshmananVulnerability / Threat Intelligence A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in Taiwan. "The most notable feature of this backdoor is that it communicates with a command-and-control (C&C) server via DNS traffic," the Symantec Threat Hunter Team, part of … [Read more...] about Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor

Tech Analysis: Addressing Claims About Falcon Sensor Vulnerability

Aug 17, 2024 by iHash Leave a Comment

CrowdStrike is aware of inaccurate reporting and false claims about the security of the Falcon sensor. This blog sets the record straight by providing customers with accurate technical information about the Falcon sensor and any claims regarding the Channel File 291 incident. CrowdStrike has provided a Technical Root Cause Analysis and executive summary that describes the bug … [Read more...] about Tech Analysis: Addressing Claims About Falcon Sensor Vulnerability

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

Jul 10, 2024 by iHash Leave a Comment

Jul 10, 2024NewsroomData Breach / Malware A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry … [Read more...] about New Ransomware Group Exploiting Veeam Backup Software Vulnerability

RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks

Jul 9, 2024 by iHash Leave a Comment

Jul 09, 2024NewsroomVulnerability / Network Security Cybersecurity researchers have discovered a security vulnerability in the RADIUS network authentication protocol called BlastRADIUS that could be exploited by an attacker to stage Mallory-in-the-middle (MitM) attacks and bypass integrity checks under certain circumstances. "The RADIUS protocol allows certain Access-Request … [Read more...] about RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks

GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

Jun 28, 2024 by iHash Leave a Comment

Jun 28, 2024NewsroomSoftware Security / DevOps GitLab has released security updates to address 14 security flaws, including one critical vulnerability that could be exploited to run continuous integration and continuous deployment (CI/CD) pipelines as any user. The weaknesses, which affect GitLab Community Edition (CE) and Enterprise Edition (EE), have been addressed in … [Read more...] about GitLab Releases Patch for Critical CI/CD Pipeline Vulnerability and 13 Others

New MOVEit Transfer Vulnerability Under Active Exploitation

Jun 26, 2024 by iHash Leave a Comment

Jun 26, 2024NewsroomVulnerability / Data Protection A newly disclosed critical security flaw impacting Progress Software MOVEit Transfer is already seeing exploitation attempts in the wild shortly after details of the bug were publicly disclosed. The vulnerability, tracked as CVE-2024-5806 (CVSS score: 9.1), concerns an authentication bypass that impacts the following … [Read more...] about New MOVEit Transfer Vulnerability Under Active Exploitation

Google Introduces Project Naptime for AI-Powered Vulnerability Research

Jun 24, 2024 by iHash Leave a Comment

Jun 24, 2024NewsroomVulnerability / Artificial Intelligence Google has developed a new framework called Project Naptime that it says enables a large language model (LLM) to carry out vulnerability research with an aim to improve automated discovery approaches. "The Naptime architecture is centered around the interaction between an AI agent and a target codebase," Google … [Read more...] about Google Introduces Project Naptime for AI-Powered Vulnerability Research

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

Jun 20, 2024 by iHash Leave a Comment

Jun 20, 2024NewsroomFirmware Security / Vulnerability Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been described as a case of a buffer … [Read more...] about Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

Jun 8, 2024 by iHash Leave a Comment

Jun 08, 2024NewsroomVulnerability / Programming Details have emerged about a new critical security flaw impacting PHP that could be exploited to achieve remote code execution under certain circumstances. The vulnerability, tracked as CVE-2024-4577, has been described as a CGI argument injection vulnerability affecting all versions of PHP installed on the Windows operating … [Read more...] about New PHP Vulnerability Exposes Windows Servers to Remote Code Execution

TikTok Zero-Click vulnerability: what to know?

Jun 6, 2024 by iHash Leave a Comment

Do you use TikTok? Do your kids? You can put your hands down, I know that the question was more rhetorical than anything. If you’ve any interest in the network, you’ve probably seen the news sweeping the interwebs over the past week – news that’s come to a head in the last 24-48 hours as of this writing. The popular social network TikTok has acknowledged a security issue that’s … [Read more...] about TikTok Zero-Click vulnerability: what to know?

« Previous Page

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54