Netgear WNR614 flaws allow device takeover, no fix available

June 10, 2024 at 05:39PM Researchers at RedFox Security discovered six vulnerabilities in the popular but unsupported Netgear WNR614 N300 router. The vulnerabilities include authentication bypass, weak password policy, plain text password storage, and WPS PIN exposure. With no security updates expected, users are advised to apply mitigations or replace the device with a supported … Read more

New ZenHammer Attack Bypasses Rowhammer Defenses on AMD CPUs

March 28, 2024 at 08:03AM Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM attack called ZenHammer. This technique triggers bit flips on AMD Zen 2, Zen 3, and DDR5 devices, emphasizing the vulnerability of AMD systems to RowHammer attacks. Despite mitigations like Target Row Refresh, there are concerns about … Read more

Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization

February 15, 2024 at 02:19PM CISA and MS-ISAC conducted an incident response assessment revealing a threat actor gaining unauthorized access to a state government organization’s network environment. Moreover, the attacker compromised network administrator credentials through the account of a former employee, successfully accessing the organization’s internal and Azure environments. A Cybersecurity Advisory containing mitigation strategies … Read more

Major IT, Crypto Firms Exposed to Supply Chain Compromise via New Class of CI/CD Attack 

January 8, 2024 at 08:36AM Security researchers warn that tens of thousands of public GitHub repositories are vulnerable to malicious code injection via self-hosted GitHub Actions runners, posing high-impact supply chain attack risks. These attacks can be launched using self-hosted runners, allowing malicious code execution and persistence. Exploitation of this vulnerability has led to significant … Read more

Hackers start exploiting critical ownCloud flaw, patch now

November 28, 2023 at 11:16AM Hackers are actively exploiting a critical vulnerability in the ownCloud file synchronization software that could lead to data breaches. The flaw, tracked as CVE-2023-49103, allows attackers to access sensitive information such as admin passwords, mail server credentials, and license keys. The vulnerability affects both containerized and non-containerized deployments, and administrators … Read more

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting

November 9, 2023 at 03:50AM A phishing campaign has been discovered where threat actors send emails with a link to a file-sharing solution called DRACOON.team. When victims click on the link, they are directed to a PDF document containing a secondary link that leads to a fake Microsoft 365 login page. The attackers use reverse … Read more