BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

August 28, 2024 at 07:39AM The BlackByte ransomware group has been found exploiting a recently patched security flaw in VMware ESXi hypervisors, and using vulnerable drivers to bypass security protections, according to a report from Cisco Talos. The group is also targeting various sectors and has been observed evolving its tactics to evade detection and …

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution

August 28, 2024 at 12:33AM A critical security flaw in the WPML plugin (CVE-2024-6386, CVSS score: 9.9) allows authenticated users to remotely execute arbitrary code in versions before 4.6.13. With Contributor-level access, attackers can exploit missing input validation and sanitization. This popular multilingual WordPress plugin has over one million installations and users are advised to apply the …

Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors

August 27, 2024 at 10:33AM Volt Typhoon, a China-based cyber espionage group, has been linked with exploiting a high-severity security flaw in Versa Director. The attacks targeted U.S. and non-U.S. victims in ISP, MSP, and IT sectors. The flaw allows malicious file uploads, potentially leading to large-scale supply chain attacks. Recommendations include security mitigations and …

Hardcoded Credential Vulnerability Found in SolarWinds Web Help Desk

August 22, 2024 at 01:54PM SolarWinds has released patches to fix a new security flaw in its Web Help Desk software that could permit unauthorized access. Tracked as CVE-2024-28987, the vulnerability is rated 9.1 in severity. Users are advised to update to version 12.8.3 Hotfix 2 to address the issue. Further details will be disclosed …

Microsoft Copilot Studio Vulnerability Led to Information Disclosure

August 21, 2024 at 08:54AM A vulnerability in Microsoft Copilot Studio, tracked as CVE-2024-38206, allowed access to sensitive internal infrastructure. The flaw, which has been fully mitigated, let an attacker bypass server-side request forgery protection to leak information. The exploitation also led to access to Cosmos DB instances. This flaw may have had cross-tenant impacts, prompting concern over …

Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group

August 19, 2024 at 03:15AM A critical privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for WinSock, tracked as CVE-2024-38193, was exploited by North Korean state-sponsored actor Lazarus Group. The flaw allowed unauthorized access to sensitive system areas and was addressed in Microsoft’s Patch Tuesday update. The attacks also involved the use of …

Microsoft disables BitLocker security fix, advises manual mitigation

August 15, 2024 at 11:34AM Microsoft disabled a BitLocker vulnerability fix due to firmware incompatibility, causing devices to enter recovery mode. The CVE-2024-38058 flaw allows attackers to bypass BitLocker encryption and access data. To mitigate the issue, users must follow a complex 4-stage process and may face limitations. Microsoft didn’t address the root cause, urging …

Microsoft discloses unpatched Office flaw that exposes NTLM hashes

August 10, 2024 at 12:28PM Microsoft disclosed a high-severity vulnerability affecting multiple Office versions, including Office 2016 and Microsoft 365 Apps for Enterprise. Tracked as CVE-2024-38200, the flaw allows unauthorized access to protected information. Although Microsoft is developing security updates, an alternative fix has been released. Blocking outbound NTLM traffic is recommended as a mitigation. …

CSC ServiceWorks discloses data breach after 2023 cyberattack

August 9, 2024 at 01:59PM CSC ServiceWorks, a commercial laundry and air vending solutions provider, disclosed a data breach in 2023 after detecting unusual activity on its network. The breach exposed personal information, including full names, contact information, financial details, and health insurance information. The company took measures to secure its systems, notify law enforcement, …

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

August 8, 2024 at 10:15AM Cybersecurity researchers have found a critical “0.0.0.0 Day” vulnerability impacting major web browsers, potentially allowing malicious actors to access local network services. The flaw arises from inconsistent security mechanisms and affects Google Chrome/Chromium, Mozilla Firefox, and Apple Safari on MacOS and Linux. Web browsers are expected to block access to …