Are you sure you want to leave? You’re just one step away from your free network consultation (valued at $495).
Blog
Critical Remote Code Execution Vulnerability Addressed in GiveWP Plugin
The vulnerability, identified as CVE-2024-5932, arises from inadequate validation of user-provided serialized data, allowing attackers to inject harmful PHP objects through the give_title parameter.
Researcher Details Microsoft Outlook Zero-Click Vulnerability (CVE-2024-38021)
The vulnerability stems from how Outlook handles hyperlink objects in image tags in emails, enabling attackers to exploit a composite moniker to trigger remote code execution.
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups. "This application shares several behaviors with malware we've seen that...
Styx Stealer Creator’s OPSEC Fail Leaks Client List and Profit Details
In what's a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email...
It’s Time To Untangle the SaaS Ball of Yarn
It's no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter...
Critical Heap Overflow Vulnerability Discovered in FFmpeg, PoC Published
CVE-2024-7272 is a critical heap overflow vulnerability found in FFmpeg, the popular multimedia framework. The vulnerability affects versions up to 5.1.5 and has a CVSS score of 8.8.
RCE Vulnerability in Atlassian Bamboo Data Center and Server
This flaw, present in versions 9.1.0 through 9.6.0, allows authenticated attackers to execute arbitrary code within the Bamboo environment, posing risks to confidentiality, integrity, and availability.
Spring Security Flaw Leaves Applications Open to Unauthorized Access
A high-severity vulnerability (CVE-2024-38810) has been discovered in Spring Security, potentially allowing unauthorized access to sensitive data within affected applications. The vulnerability impacts Spring Security versions 6.3.0 and 6.3.1.
Rising Abuse of URL Rewriting in Phishing
The abuse of URL rewriting in phishing attacks has emerged as a new trend, allowing threat actors to hide malicious links behind trusted domains of security vendors. Exploiting these features enables bypassing detection mechanisms.
CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with malware. The activity has been attributed to a threat cluster it tracks as UAC-0020, which is also known as Vermin. The exact scale and scope...
FREE GUIDE
The Ultimate Guide To IT Support Services And Fees
What You Should Expect To Pay For IT Support For Your Small Business (And How To Get Exactly What You Need Without Unnecessary Extras, Hidden Fees And Excessive Contracts)
