General Security News
-
Hackers Deploy New Python Malware on VMware ESXi Server to gain Remote Access
A backdoor was found on a VMware ESXi virtualization server by Juniper Threat Labs. Reports say two vulnerabilities in the ESXi’s OpenSLP service,...
-
Multiple Zero-Day Vulnerabilities in Antivirus and Endpoint Let Attackers Install Data Wipers
Or Yair of SafeBreach Labs recently discovered multiple security Zero-Day vulnerabilities that could be exploited by the threat actors to create...
-
December 2022 Patch Tuesday: Get Latest Security Updates from Microsoft and More
Tech giant Microsoft released its last set of monthly security updates for 2022 with fixes for 49 vulnerabilities across its software products. Of...
-
Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
The U.S. National Security Agency (NSA) on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix...
-
New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products
Apple on Tuesday rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could...
-
Malware Strains Targeting Python and JavaScript Developers Through Official Repositories
An active malware campaign is targeting the Python Package Index (PyPI) and npm repositories for Python and JavaScript with typosquatted and fake...
-
Fortinet Warns of Active Exploitation of New SSL-VPN Pre-auth RCE Vulnerability
Fortinet on Monday issued emergency patches for a severe security flaw affecting its FortiOS SSL-VPN product that it said is being actively...
-
Researchers Demonstrate How EDR and Antivirus Can Be Weaponized Against Users
High-severity security vulnerabilities have been disclosed in different endpoint detection and response (EDR) and antivirus (AV) products that...
-
New Technique Discovered To Bypass Web Application Firewalls (WAF) Of Several Vendors
Experts from Industrial and IoT cybersecurity company Claroty developed a generic method for bypassing the web application firewalls (WAF) of a...
-
Cisco IP Phone Vulnerability Let Unauthenticated Attacker Execute Remote Code
Cisco has uncovered a high-severity vulnerability affecting its IP Phone 7800 and 8800 Series, tracked as CVE-2022-20968 (except Cisco Wireless...
-
COVID-bit – A New Secret Channel to Spy Data Over the Air from Air-gapped Systems
Researchers uncovered a new covert channel to steal sensitive information from Air-gapped systems over the air from a distance of 2m. The...
-
Royal Ransomware Threat Takes Aim at U.S. Healthcare System
The U.S. Department of Health and Human Services (HHS) has cautioned of ongoing Royal ransomware attacks targeting healthcare entities in the...