Chinese project maintainer appears to have closed the public issue without offering a patch. Nepxion Discovery Software, an open-source project that offers functionality for…
Latest posts - Page 15
Vulnerabilities
There are two fresh zero-days for Exchange Server
As it looks at (yep, more) reported vulnerabilities in Microsoft Exchange Server that affect the software’s 2013, 2016, and 2019 editions, Microsoft has released…
Malware
Findings of New Malware Families Aimed at VMware ESXi Hypervisors
VMware’s virtualization software has been revealed to be used by threat actors to implant never-before-seen post-compromise implants. The implants allow them to take control…
Vulnerabilities
SolarMarker Attack Uses Vulnerable WordPress Sites and False Chrome Updates
As part of a novel strategy in its watering-hole attacks, the SolarMarker attack organization is encouraging victims to download phoney Chrome browser updates by…
Vulnerabilities
A new 0-day RCE vulnerability on Microsoft Exchange Server was used in a new attack campaign.
While providing security monitoring and incident response services around the beginning of August 2022, the GTSC SOC team learned that a vital infrastructure was…
Data Breach
Data from 16 million Swachhata Platform users are exposed due to a breach.
User names, emails, passwords, mobile numbers, OTP-related information, and login IPs. And hacked unique user tokens are among the Swachhata City data. On Friday,…
Malware
Hackers from Brazil’s Prilex Group Resurface with Advanced Point-of-Sale Malware
After a year-long operational sabbatical, the Brazilian threat actor Prilex has returned with sophisticated and intricate Point-of-Sale Malware to steal money through fraudulent transactions.…
Data Breach
Optus data breach “attacker” says sorry, it was a mistake
On September 22, 2022, Australian telecoms firm Optus revealed Optus Data Breach a security issue. Since then, a lot has transpired. The majority of…
Malware
The new campaign uses government, union-themed lures to deliver Cobalt Strike beacons
Cisco Talos found a malicious campaign using a modularized attack method to distribute Cobalt Strike beacons on compromised endpoints. The initial attack vector is…
cyberattack campaign
ZINC’s use of open-source software as a weapon
Microsoft has recently discovered social engineering activities by an actor we trace as ZINC that weaponized legal open-source software. In the US, UK, India,…