Ongoing Phishing and Malware Campaigns in December 2024

December 10, 2024 at 05:12AM Cybersecurity threats are evolving, with ongoing zero-day attacks that use corrupted files going largely undetected, as seen in a recent analysis by ANY.RUN. Additionally, fileless malware and phishing tactics are on the rise. Utilizing advanced tools like ANY.RUN’s Interactive Sandbox helps organizations identify and analyze these threats effectively. ### Meeting Takeaways (Dec …

‘Void Banshee’ Exploits Second Microsoft Zero-Day

September 16, 2024 at 06:11PM Microsoft disclosed a zero-day vulnerability, CVE-2024-43461, in its legacy MSHTML browser engine affecting all supported Windows versions. Remote attackers can exploit it to execute arbitrary code, though exploitation requires a victim to visit a malicious site. This flaw, part of an attack chain with CVE-2024-38112, was exploited by the “Void Banshee” group. …

Critical CocoaPods Flaws Exposed Many iOS, macOS Apps to Supply Chain Attacks

July 2, 2024 at 09:22AM Critical vulnerabilities in the CocoaPods dependency manager allowed threat actors to take over orphaned packages, execute shell commands, and impact millions of iOS and macOS applications. Orphaned pods were associated with a default owner, and an authentication server bug enabled remote code execution. The vulnerabilities were addressed by CocoaPods in …

TikTok confirms CNN, other high-profile accounts hijacked via zero-day vulnerability

June 5, 2024 at 05:51PM Cyber attackers exploited a zero-day vulnerability in TikTok to compromise high-profile accounts, including CNN’s. The app maker has confirmed the cyberattack and is working to secure accounts. The attack involved a specially crafted direct message, bypassing the need for the target to open a link. TikTok has faced previous security …

DarkMe Malware Targets Traders Using Microsoft SmartScreen Zero-Day Vulnerability

February 14, 2024 at 02:39AM A zero-day exploit in Microsoft Defender SmartScreen, leveraged by the threat actor Water Hydra (aka DarkCasino), targets financial market traders. Exploiting CVE-2024-21412, the attacker convinces victims to click on a booby-trapped URL, bypassing security checks. The end goal is to deliver the DarkMe trojan, capable of executing additional instructions and …

Zimbra Zero-Day Exploited to Hack Government Emails

November 16, 2023 at 11:45AM Google’s Threat Analysis Group (TAG) has disclosed that a zero-day exploit in Zimbra Collaboration Suite was used to steal email data from government organizations worldwide. The vulnerability (CVE-2023-37580) was made public in July, and it allows attackers to execute malicious code through specially crafted URLs sent via email. Google observed …

Russian hackers exploit Roundcube zero-day to steal govt emails

October 25, 2023 at 09:19AM The Winter Vivern Russian hacking group has been targeting European government entities and think tanks since at least October 11. They have been exploiting a Roundcube Webmail zero-day vulnerability and using phishing emails to inject arbitrary JavaScript code. The group has also targeted Zimbra and previously exploited vulnerabilities in Roundcube …