Recent Security News
-
Fortra Discloses Critical Auth Bypass Vuln in GoAnywhere MFT
January 24, 2024 at 03:05PM A new proof-of-concept exploit is available for a critical authentication bypass vulnerability (CVE-2024-0204) in Fortra’s GoAnywhere Managed File Transfer software. This flaw affects a large percentage of systems and allows unauthenticated remote attackers to create new accounts with admin privileges. The release of this exploit is likely to lead to…
-
VexTrio TDS: Inside a massive 70,000-domain cybercrime operation
January 24, 2024 at 02:48PM “VexTrio, a previously unknown Traffic Distribution System (TDS), has been active since 2017, aiding 60 affiliates in cybercrime operations through a massive network of 70,000 sites. This highly pervasive entity partners with cybercrime campaigns and operators, utilizing various deceptive tactics to generate revenue and make detection challenging. Mitigation strategies include…
-
AI Learning Initiative Launches for UAE Women
January 24, 2024 at 01:19PM The UAE National Program for Coders will train 100 Emirati women in AI and cybersecurity through the “AI-Forward” initiative, in partnership with Ureed.com and Meem Foundation. The virtual program, conducted over eight weeks, will focus on data labeling and annotation, with quizzes, classes, and flexible schedules. This aligns with the…
-
Kasseika Ransomware Linked to BlackMatter in BYOVD Attack
January 24, 2024 at 01:05PM A new ransomware group, Kasseika, has adopted an emerging attack technique known as bring-your-own-vulnerable-driver (BYOVD) to deploy ransomware, bypassing security controls. The group exploited a legitimate device driver to terminate antivirus-related processes and execute ransomware. Kasseika’s advanced evasion techniques and code obfuscation make it a potent threat, necessitating robust defense…
-
Over 5,300 GitLab servers exposed to zero-click account takeover attacks
January 24, 2024 at 01:01PM Over 5,300 GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw enabling attackers to reset passwords and take over accounts. Despite not bypassing 2FA, it poses a significant risk to unprotected accounts. ShadowServer identifies vulnerable servers in the U.S., Germany, Russia, and other countries, urging immediate patching and…