New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets
Users may be manipulated into downloading and executing the malware under the guise of legitimate software
Read More...
Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now
Improper error message handling in some firewall versions could allow an unauthenticated attacker to execute some OS commands remotely by sending crafted packets to an affected device
Read More...
Linux version of RTM Locker ransomware targets VMware ESXi servers
Ransomware operations have followed this trend and created Linux encryptors dedicated to targeting ESXi servers to encrypt all data used by the enterprise properly
Read More...
Cisco discloses XSS zero-day flaw in server management tool
Successful exploitation enables unauthenticated attackers to launch cross-site scripting attacks remotely but requires user interaction
Read More...
Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products
With Cisco and VMware appliances turning out to be lucrative targets for threat actors, it's recommended that users move quickly to apply the updates to mitigate potential threats
Read More...
Ransomware gangs abuse Process Explorer driver to kill security software
The drivers can run with kernel privileges on the victims' devices to disable security solutions and take over the system
Read More...
Microsoft SQL servers hacked to deploy Trigona ransomware
The MS-SQL servers are being breached via brute-force or dictionary attacks that take advantage of easy-to-guess account credentials
Read More...
Fortinet fixed a critical vulnerability in its Data Analytics product
Successful exploitation can lead to remote, unauthenticated access to Redis and MongoDB instances via crafted authentication requests
Read More...
Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari
Details about the two vulnerabilities have been withheld in light of active exploitation and to prevent more threat actors from abusing them
Read More...
ALPHV ransomware exploits Veritas Backup Exec bugs for initial access
After the initial compromise, the threat actor used the Advanced IP Scanner and ADRecon utilities to gather information about the victim's environment
Read More...