July 7, 2023
Cisco Secure Client Software for Windows, previously known as AnyConnect Secure Mobility Client, has been found to have a significant vulnerability (CVE-2023-20178) that enables attackers to elevate their privileges to the SYSTEM account without requiring any user interaction.
July 7, 2023
The Lazarus Group, a notorious hacking collective with ties to North Korea, has been exploiting vulnerabilities in Windows Internet Information Services (IIS) web servers as a means to infiltrate corporate networks
July 7, 2023
Researchers at Cybereason have uncovered a new malware called RdStealer, which specifically targets Windows systems using Remote Desktop Protocol (RDP). This malware is designed to pilfer sensitive information from drives shared over RDP connections.
July 7, 2023
A zero-day vulnerability has been discovered in MOVEit Transfer, a file transfer software developed by Ipswitch. This vulnerability poses a risk of data theft from organizations.
July 7, 2023
A technique has been discovered by security researchers that enables the delivery of malware through Microsoft Teams, bypassing the file restrictions from external sources.
June 2, 2023
A security flaw in Microsoft's MSHTML platform has been revealed by researchers, which has the potential to enable attackers to circumvent integrity protections on targeted machines.
June 2, 2023
Barracuda Networks, a company specializing in email and network security solutions, has issued a warning to its customers regarding a targeted attack on its email security gateway (ESG) appliances.
June 2, 2023
XWorm is a widely available malware with diverse capabilities, including data theft, DDoS attacks, ransomware operations, USB spreading, and the deployment of additional malware.
June 2, 2023
A recent report from cybersecurity intelligence firm KELA highlights a notable increase in the number of variants and malware-as-a-service (MaaS) operations during the first quarter of 2023, posing heightened risks to both organizations and individuals.
June 2, 2023
Cybercriminals are targeting unsecured Veeam backup servers that are publicly exposed on the internet.