General Security News
-
MOVEit Transfer SQL Injection Let the Attacker Gain Unauthorized Access to the Database
MOVEit transfer service pack has been discovered with three vulnerabilities associated with SQL injections (2) and a Reflected Cross-Site Scripted...
-
LUCR-3 Attacking Fortune 2000 Companies Using Victims’ Own Tools & Apps
A new financially motivated threat group named “LUCR-3” has been discovered targeting organizations to steal intellectual property for extortion....
-
Is QakBot Malware Officially Dead?
Only a few malware families can claim to have persisted for nearly twenty years, and QakBot (also referred to as QBot) stands among them as one of...
-
Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable
Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS, watchOS,...
-
Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents
A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunic koation providers in the...
-
Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge
The peer-to-peer (P2) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12...
-
T-Mobile App Glitch Exposes Other User’s Sensitive Data
The mobile application of T-Mobile has recently been a cause of concern among its customers due to issues concerning privacy. Users have reported...
-
China Accuses the US of Hacking Huawei Servers Since 2009
Huawei is known for its telecommunications equipment and consumer electronics, including smartphones, and the USA banned Huawei primarily due to...
-
Nagios Monitoring Tool Vulnerabilities Let Attackers Perform SQL Injection
Nagios XI is a prominent and frequently used commercial monitoring system for IT infrastructure and network monitoring. Vulnerability Research...
-
Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with VenomRAT
A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect...
-
Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace
Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade...
-
Critical Security Flaws Exposed in Nagios XI Network Monitoring Software
Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information...