July 10, 2024 at 04:29PM Threat actors exploited a zero-day bug (CVE-2024-38112) patched by Microsoft in July for over 18 months. The vulnerability impacts Internet Explorer’s Trident engine and affects newer Windows systems, like Windows 10 and 11. It allows attackers to run ransomware and spyware. Check Point discovered concurrent campaigns targeting individuals in Vietnam … Read more
February 5, 2024 at 03:50PM Miscreants are exploiting the latest Ivanti flaw, a server-side request forgery (SSRF) vulnerability CVE-2024-21893. Ivanti disclosed the bug in their software on January 31 and expects increased exploitation once details are public. Exploits targeting it are multiplying, with over 170 attacking IPs involved. The US Cybersecurity agency issued an emergency … Read more
November 23, 2023 at 03:29AM Akamai has discovered two zero-day vulnerabilities that are being exploited to distribute the Mirai malware and create botnets for DDoS attacks. The vulnerabilities target routers and network video recorders from two vendors, and the devices’ default passwords are being used. Akamai’s Security Intelligence Response Team has not disclosed the affected … Read more
October 25, 2023 at 06:50PM Security researchers successfully hacked the Samsung Galaxy S23 smartphone multiple times during the Pwn2Own 2023 hacking competition in Canada. They also discovered vulnerabilities in other devices such as printers, routers, smart speakers, surveillance systems, and NAS devices. The competition offers significant cash prizes, totaling over $1 million, for finding zero-day … Read more