GitLab Releases Urgent Security Patches for Critical Vulnerability
The vulnerability has been addressed in GitLab versions 16.3.4 and 16.2.7.
Read More...
Fake WinRAR proof-of-concept exploit drops VenomRAT malware
The threat actor included a summary in the README file and a Streamable video demonstrating how to use the PoC, which added further legitimacy to the malicious package
Read More...
Ransomware access broker steals accounts via Microsoft Teams phishing
In July 2023, Storm-0324 began using phishing lures sent over Teams with malicious links leading to a malicious SharePoint-hosted file
Read More...
Microsoft September 2023 Patch Tuesday fixes 2 zero-days, 59 flaws
Microsoft has fixed an actively exploited local privilege elevation vulnerability that allows attackers to gain SYSTEM privileges
Read More...
Free Download Manager site redirected Linux users to malware for years
The malware used in this campaign establishes a reverse shell to a C2 server and installs a Bash stealer that collects user data and account credentials
Read More...
Outlook Hack: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
A consumer signing system crash in April of 2021 resulted in a snapshot of the crashed process
Read More...
Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security
Pulling off the attack requires administrative permissions to communicate with the wcifs driver and it cannot be used to override files on the host system
Read More...
Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware
Targets include internet backbone infrastructure and healthcare entities in Europe and the U.S
Read More...
FBI warns of patched Barracuda ESG appliances still being hacked
Tracked as CVE-2023-2868, the vulnerability was first exploited in October 2022 to backdoor ESG appliances and steal data from the compromised systems
Read More...
Almost 2,000 Citrix NetScaler servers backdoored in hacking campaign
More than 1,200 servers were backdoored before administrators installed the patch for the vulnerability
Read More...