Fake Cisco Webex Google Ads abuse tracking templates to push malware
The threat actors can exploit a loophole in the Google Ad platform's tracking template that allows them to redirect at will while complying with Google's policy
Read More...The threat actors can exploit a loophole in the Google Ad platform's tracking template that allows them to redirect at will while complying with Google's policy
Read More...The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials
Read More...CVE-2023-41064 relates to a buffer overflow issue in the Image I/O component that could lead to arbitrary code execution when processing a maliciously crafted image
Read More...The medium severity zero-day allows unauthorized remote attackers to conduct brute force attacks against existing accounts
Read More...Multiple threat actors are possibly exploiting the vulnerability at the moment to install various payloads on impacted systems
Read More...The exploit chain was capable of compromising iPhones running the latest version of iOS (16.6) without any interaction from the victim
Read More...The FBI continues to observe active intrusions and considers all affected Barracuda ESG appliances to be compromised and vulnerable to this exploit
Read More...Pulling off the attack requires administrative permissions to communicate with the wcifs driver and it cannot be used to override files on the host system
Read More...Tracked as CVE-2023-2868, the vulnerability was first exploited in October 2022 to backdoor ESG appliances and steal data from the compromised systems
Read More...If exploited, this vulnerability enables an unauthenticated actor to access some sensitive APIs that are used to configure the Ivanti Sentry on the administrator portal
Read More...