Zero-day vulnerability in GeoVision devices exploited by a botnet
The vulnerability, tracked as CVE-2024-11120, is a critical OS command injection flaw.
Cybersecurity News - Page 108
NSO Group exploited WhatsApp flaws to deploy Pegasus spyware after sued by Meta
The company developed multiple zero-day exploits, including a previously unknown vector named Erised.
China-linked threat actor exploits FortiClient zero-day to steal VPN credentials
The attack leverages a modular post-exploitation framework called DEEPDATAю
Cyber Security Week in Review: November 15, 2024
In brief: PAN-OS, D-Link RCE flaws exploited in the wild, the US confirms Chinese hackers stole data from multiple telecom firms, and more.
Russia-linked hackers exploit NTLM zero-day in cyberattack on Ukraine
The attack involved a phishing email from a hacked Ukrainian government server, aimed at government personnel and academic institutions.
US indicts two hackers behind Snowflake breach
The indictment links Moucka and Binns to breaches involving massive amounts of customer data stolen from Snowflake cloud accounts.
Free decryptor released for BitLocker-based ShrinkLocker ransomware victims
ShrinkLocker utilizes Microsoft’s BitLocker for encryption instead of custom encryption methods.
Microsoft patches two actively exploited zero-day flaws
The flaws allow attackers to either elevate privileges or gain access to sensitive user data.
Zero-days top the list of most exploited vulnerabilities in 2023
In 2023, ten of the fifteen most exploited vulnerabilities were initially zero-days.
Volt Typhoon returns with renewed botnet following January takedown
The adversary has compromised a significant number of routers over the past month, primarily outdated Cisco and Netgear models.
Showing elements 1071 - 1080