Blog
Critical Fortra FileCatalyst Workflow Vulnerability Patched (CVE-2024-6633)
The flaw, known as CVE-2024-6633, involves the use of default credentials for the HSQL database, which could compromise the software's confidentiality, integrity, and availability.
Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
The Pioneer Kitten attackers are monetizing their access to compromised organizations' networks by selling domain admin credentials and full domain control privileges on cybercrime marketplaces.
Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a "command injection vulnerability found in the brightness...
How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back
Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional...
U.S. Agencies Warn of Iranian Hacking Group’s Ongoing Ransomware Attacks
U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten,...
Threat Group ‘Bling Libra’ Pivots to Extortion for Cloud Attacks
The threat group known as Bling Libra, previously linked to the Ticketmaster data breach, has shifted to the double extortion strategy in cloud attacks, according to researchers at Palo Alto Networks' Unit 42.
Hundreds of LLM Servers Expose Corporate, Health & Other Online Data
Flowise, a popular low-code tool backed by Y Combinator, was particularly at risk due to an authentication bypass vulnerability that allowed access to sensitive information such as GitHub tokens and API keys in plaintext.
CISA Adds Google Chromium V8 Bug to its Known Exploited Vulnerabilities Catalog
Google released a security update this week to address the actively exploited Chrome zero-day vulnerability. The vulnerability, CVE-2024-7965, is an inappropriate implementation issue in Chrome's V8 JavaScript engine.
Researchers Unmasked the Notorious Threat Actor USDoD
CrowdStrike researchers have uncovered the identity of the hacker USDoD, also known as EquationCorp, responsible for multiple high-profile data breaches. According to a report from TecMundo, USDoD is a man named Luan BG from Brazil.
French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform
French prosecutors on Wednesday formally charged CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging platform and placed him under formal investigation following his arrest Saturday. Russian-born Durov, who is also a French...
FREE GUIDE