Hackers exploit MagicLine4NX zero-day in supply-chain attack

November 24, 2023 at 01:20PM The National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) have warned that the North Korean Lazarus hacking group has been breaching companies using a zero-day vulnerability in the MagicLine4NX software. The group primarily targets South Korean institutions and is known for utilizing supply-chain attacks and zero-day vulnerabilities …

Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw

November 22, 2023 at 02:45PM A proof of concept exploit has been developed for a critical zero-day vulnerability in Windows SmartScreen technology that allows attackers to bypass Windows Defender SmartScreen checks without triggering alerts. The exploit requires a user to click on a maliciously crafted Internet shortcut or link. The vulnerability affects Windows 10, Windows …

Exploit for Critical Windows Defender Bypass Goes Public

November 21, 2023 at 04:32PM A proof-of-concept exploit (PoC) has been released for a critical zero-day vulnerability in Windows SmartScreen. The vulnerability, identified as CVE-2023-36025, allows attackers to bypass Windows Defender SmartScreen checks without triggering alerts. The exploit involves tricking users into clicking on a malicious internet shortcut or link. The vulnerability affects various Windows …

Google: Hackers exploited Zimbra zero-day in attacks on govt orgs

November 17, 2023 at 11:11AM Threat actors exploited a zero-day vulnerability in Zimbra Collaboration email server to steal sensitive data from government systems in multiple countries. The vulnerability, known as CVE-2023-37580, allowed the hackers to perform email forwarding, steal credentials, and lead victims to phishing pages. The attacks took place before Zimbra released an official …

APTs Swarm Zimbra Zero-Day to Steal Government Info Worldwide

November 16, 2023 at 11:52AM Four separate cyberattack groups have exploited a former zero-day vulnerability in the Zimbra Collaboration Suite (ZCS) to steal email data, user credentials, and authentication tokens from government organizations worldwide. The bug, which was patched on July 25, enabled the attackers to set up auto-forwarding rules to an attacker-controlled email address. …

Ransomware Attack on China’s Biggest Bank Disrupts Treasury Market Trades, Reports Say

November 10, 2023 at 07:00AM China’s Industrial and Commercial Bank of China Financial Services, a financial services business of China’s largest bank, experienced a ransomware attack that disrupted trading in the U.S. Treasury market. The attack affected some of its systems, but the company disconnected parts to mitigate the impact. The incident is being investigated …

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

November 7, 2023 at 04:42AM The Pakistan-linked threat actor called SideCopy has been using a recent WinRAR security vulnerability to target Indian government entities. They are delivering remote access trojans such as AllaKore RAT, Ares RAT, and DRat. This campaign is multi-platform, targeting both Windows and Linux systems. SideCopy is suspected to be a sub-group …

Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability

October 18, 2023 at 07:00AM Tens of thousands of Cisco devices have been hacked through a newly disclosed zero-day vulnerability, CVE-2023-20198. Cisco is working on a patch, but in the meantime, customers are advised to implement mitigations. The vulnerability allows attackers to gain elevated privileges and complete control over targeted systems. Cybersecurity companies have observed …

Thousands of Cisco IOS XE devices hacked in widespread attacks

October 17, 2023 at 09:20AM Attackers have exploited a critical zero-day bug to compromise and infect Cisco IOS XE devices with malicious implants. Threat intelligence company VulnCheck found thousands of compromised hosts. Cisco has advised administrators to disable the vulnerable HTTP server feature and look for breach indicators. A patch is not yet available. Key …

US Gov Expects Widespread Exploitation of Atlassian Confluence Vulnerability

October 17, 2023 at 07:12AM The US cybersecurity agency CISA, together with the FBI and MS-ISAC, has issued a warning about a zero-day vulnerability in Atlassian Confluence Data Center and Server. Tracked as CVE-2023-22515, the flaw has been exploited by a nation-state threat actor since September 14. It allows unauthorized access, creation of administrative accounts, …