On Monday, Microsoft said it patched a vulnerability plaguing Azure Synapse and Azure Data Factory. Further, Microsoft said, if the vulnerability was successfully exploited,…
General
General
A fresh perspective on “fileless” malware: Event logs carrying harmful code
Security researchers have discovered a malicious campaign that stores malware in Windows event logs, a technique that has never been publicly described for attacks…
General
DeFi Platform loses more than $2 million
MM. Finance revealed that hackers stole $2 million in digital assets in a Domain Namer System (DNS) attack. These attacks entail hackers targeting the…
General
Researchers create an RCE exploit for the latest F5 BIG-IP flaw
Security researchers are warning that they were able to construct an exploit for a serious remote code execution vulnerability affecting F5’s BIG-IP family of…
General
Chinese hacker group Mustang Panda executing espionage attacks
Mustang Panda, a China-based threat actor, has been improving and adding tools to attack firms located in Asia, the European Union, Russia, and the…
General
SharePoint, VPNs, and Virtual Machines are all on Lapsus$’ radar
The NCC Group has released a new report that reveals how Lapsus$ attacks are launched. The report goes into detail about the highly unpredictable…
General
CISCO releases patches for three flaws plaguing NFVIS software
Cisco systems rolled out patches for three flaws affecting its enterprise NFV Infrastructure Software (NFVIS). The attackers can use the flaw to compromise and…
General
F5 Security Issues a New BIG-IP Remote Code Execution Vulnerability
F5, a cloud security and application delivery network (ADN) provider, released updates on Wednesday to fix 43 problems across its products. One issue is…
General
Serious flaw plagues dotCMS content management software
A pre-authenticated remote code execution flaw has been revealed in dotCMS, an open-source content management system written in Java and “used by over 10,000…
General
Sting BazarLoader has been buzzed with bumblebee.
Proofpoint has identified a new malware loader known as Bumblebee. At least three different threat clusters tied to ransomware operations employ the loader. More…