Severe Privilege Escalation Issue on MikroTik RouterOS Can Grant Remote Control Bullet Points: A privilege escalation issue in MikroTik RouterOS could allow remote attackers to execute arbitrary code and gain full control of vulnerable devices. The vulnerability is known as CVE-2023-30799 and has a high CVSS score of 9.1. Approximately 500,000 RouterOS systems are at
Read More
# Important Points – North Korean hackers linked to the Reconnaissance General Bureau (RGB) were behind the JumpCloud hack. – The hackers made an operational security mistake, exposing their actual IP address. – The activity was attributed to a group called UNC4899, which has previous connections to other clusters of cyber-attacks. ## North Korean Hackers
Read More
Bypassing UAC: Evolving Tactics of Casbaneiro Banking Malware Main Points: Financially motivated threat actors behind the Casbaneiro banking malware are using a User Account Control (UAC) bypass technique. This technique allows them to gain full administrative privileges on a machine, enabling the execution of malicious code without detection. Casbaneiro remains heavily focused on targeting users
Read More
targeting macOS with various threats. Here are some of the rising threats to macOS: 1. Mac Malware: Malware designed specifically for macOS is on the rise. Attackers are finding new ways to exploit vulnerabilities in the operating system and trick users into downloading malicious software. 2. Phishing Attacks: Phishing attacks, where attackers try to trick
Read More
Summary: Five security vulnerabilities in the Terrestrial Trunked Radio (TETRA) standard have been revealed. These vulnerabilities, discovered by Midnight Blue in 2021, include an intentional backdoor that could have potentially exposed sensitive information. The disclosure of these vulnerabilities emphasizes the need for improved security measures in critical infrastructure sectors and government entities. Main Points: –
Read More
Overcoming the Talent Gap in Cybersecurity with Managed Security Services The Problem: Cybersecurity Talent Gap – Executive leadership and boards are concerned about the organization’s ability to defend against new and current threats. – Talent gap in cybersecurity poses a significant challenge. – Organizations struggle to find skilled cybersecurity professionals. The Solution: Managed Security Services
Read More
Ivanti Urges Users to Update Endpoint Manager Mobile Endpoint Manager Mobile (EPMM) users are advised to update their mobile device management software to address an actively exploited zero-day vulnerability. Ivanti, the company behind EPMM (formerly MobileIron Core), has issued a warning urging users to install the latest version that includes a fix for the vulnerability.
Read More
Apple Releases Security Updates to Address Vulnerabilities Introduction Apple has recently released a series of security updates for iOS, iPadOS, macOS, tvOS, watchOS, and Safari. These updates aim to fix various security vulnerabilities, including a zero-day bug that is actively being exploited in the wild. Details of the Vulnerabilities One of the vulnerabilities, tracked as
Read More
Atlassian, the software company known for its enterprise collaboration tools, has recently addressed three security flaws in its Confluence Server, Data Center, and Bamboo Data Center products. These vulnerabilities, if successfully exploited, could result in remote code execution on affected systems. The first vulnerability, identified as CVE-2023-22505, is a remote code execution flaw in Confluence
Read More
Summary: The healthcare industry continues to be a prime target for cyberattacks, as demonstrated by the high number of data breaches reported by the U.S. Government’s Office for Civil Rights. This article will highlight the ongoing cybersecurity challenges faced by the healthcare industry. Main Points: – Healthcare industry is frequently targeted for cyberattacks. – U.S.
Read MoreNo products in the cart.