Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide

June 5, 2024 at 07:01AM RansomHub, a new ransomware strain, has been identified as a rebranded version of Knight ransomware. It employs double extortion tactics and targets various platforms, using phishing campaigns for distribution. The group behind it has been linked to recent attacks and is recruiting affiliates. Ransomware activity has been on the rise, …

NIST Getting Outside Help for National Vulnerability Database

May 30, 2024 at 11:16AM NIST is seeking outside assistance to address a backlog of unprocessed vulnerabilities in the National Vulnerability Database (NVD), with plans to improve processing rates and implement long-term solutions. CISA is collaborating with NIST to address the backlog, and a new project named Vulnrichment aims to enhance CVE records for improved …

Researchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack Technique

May 28, 2024 at 06:45AM CatDDoS botnet has exploited over 80 security flaws in the last three months to infect devices and launch DDoS attacks. It targets routers and networking equipment, mostly affecting devices from various vendors. The malware uses ChaCha20 encryption, employs an OpenNIC domain for C2, and shares encryption key/nonce pair with other …

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

May 16, 2024 at 06:42AM Security researchers disclosed almost a dozen vulnerabilities affecting GE HealthCare Vivid Ultrasound products, posing risk of ransomware implantation and patient data manipulation. Vulnerabilities require physical access to devices and range from hard-coded credentials to path traversal. Exploit chain can be used to execute arbitrary code. Other recent security flaws have …

Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days

May 15, 2024 at 04:24AM In May 2024, Microsoft’s Patch Tuesday updates addressed 61 security flaws, including two zero-days actively exploited. A Critical flaw in the Windows MSHTML Platform and an Important one in the Desktop Window Manager were exploited in attacks. The vulnerabilities require urgent fixes to prevent widespread exploitation. Other vendors have also …

Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws

May 14, 2024 at 01:54PM Today’s Microsoft Patch Tuesday includes updates for 61 flaws, with one critical vulnerability fixed in Microsoft SharePoint Server. It addresses 17 elevation of privilege vulnerabilities, two security feature bypass vulnerabilities, 27 remote code execution vulnerabilities, seven information disclosure vulnerabilities, three denial of service vulnerabilities, and four spoofing vulnerabilities. Additionally, three …

VMware Patches Severe Security Flaws in Workstation and Fusion Products

May 14, 2024 at 12:18PM Multiple security flaws have been disclosed in VMware Workstation and Fusion products, impacting versions 17.x and 13.x. Exploitable by threat actors, these flaws allow access to sensitive information, DoS conditions, and code execution. Temporary workarounds are suggested until patches can be deployed, including turning off Bluetooth support and disabling 3D …

Widely used Telit Cinterion modems open to SMS takeover attacks

May 10, 2024 at 04:09AM Security flaws in widely utilized Telit Cinterion cellular modems present remote code execution risks via SMS. Eight issues, comprising a severe heap overflow problem (CVE-2023-47610), were revealed by Kaspersky’s ICS CERT division. The vulnerabilities could allow attackers to compromise device integrity and cause extensive disruption. Mitigation strategies include disabling SMS …

2 (or 5) Bugs in F5 Asset Manager Allow Full Takeover, Hidden Accounts

May 9, 2024 at 05:16PM Newly discovered vulnerabilities in F5 Networks’ BIG-IP Next Central Manager could allow attackers to gain full control and create hidden accounts in F5-brand assets. These vulnerabilities have been assigned CVEs and patched by the vendor. Additional bugs affecting the Central Manager still pose threats, allowing attackers to wreak havoc despite …

Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover

May 9, 2024 at 02:19AM Two security vulnerabilities in F5 Next Central Manager could allow threat actors to gain control of devices and create hidden administrator accounts. The flaws, CVE-2024-21793 and CVE-2024-26026, impact versions 20.0.1 to 20.1.0 and have been addressed in version 20.2.0. Exploitation could lead to full control of the device and the …