Author: bunee

“Unmasking XLoader: The Disguised macOS Malware Posing as ‘OfficeNote’ App”

Apple macOS Malware Alert: XLoader Strikes Back in a Guise

– XLoader, a variant of an Apple macOS malware, is back with its latest reinvention.
– It disguises its malicious features behind an app named “OfficeNote.”
– Discovered by SentinelOne security researchers Dinesh Devadoss and Phil Stokes, the malware is cleverly bundled inside a standard

“Ivanti’s Critical Bug Challenge: Understanding the Zero-Day Flaw Exploited in the Wild”

Ivanti Facing a New Critical Bug Challenge

Ivanti, a software services provider, has issued a warning regarding a new critical zero-day flaw affecting its product, Ivanti Sentry (formerly MobileIron Sentry). The bug, tracked as CVE-2023-38035, is reportedly being exploited in the wild. With a CVSS score of 9.8, the flaw is of topmost severity

Unraveling the Threat: Critical Adobe ColdFusion Exploit Analysis and Solutions

Web of Danger: A Critical Adobe ColdFusion Flaw

Main Points: The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has identified a critical vulnerability in Adobe ColdFusion. This issue has been added to the Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation. The flaw, designated as CVE-2023-26359 (with a CVSS score of 9.8),

“Unzipping Threats: Unmasking the High-Severity Security Flaw in WinRAR”

A Breaking WinRAR: High-Severity Security Flaw Could Disrupt Your Windows Party

• WinRAR, our trusted old friend, is currently nursing a high-severity security flaw, known officially as CVE-2023-40477, with a CVSS score of 7.8.
• This flaw allows potential exploitation by threat actors to engage in a bit of “unwanted house partying” or remote code

Unmasking OAuth: Understanding Permissions and Avoiding Security Pitfalls

Feeling Enchanted? Be Wary Of The OAuth Magic!

• User-friendly OAuth protocols can seem like tech magic for account creation and accessibility
• Unfortunately, users often misunderstand the implications of the permissions they grant
• This lack of understanding opens a window for misuse and manipulation by malicious actors

The Glamour of OAuth: Breezing Through Account Creation

Just

Unmasking Malware: How Infected Machines Become Proxy Exit Nodes

Malware-Infected Machines Turned Into Proxy Exit Nodes

Threat actors are using malware-infected machines, Windows and macOS, for proxy server applications and turning them into exit nodes to reroute proxy requests. The company delivering this proxy service runs more than 400,000 proxy exit nodes, but it’s unclear how many have been taken over by the malware.

Cybersecurity Alert: Revival and Threat of HiatusRAT Malware Actors

The Hiatus of HiatusRAT: Reloaded and Reconnaissance-ing

The threat actors responsible for the HiatusRAT malware have resurfaced, focusing their attention towards organizations based in Taiwan and a U.S. military procurement system. These threat actors have been recompiling malware samples for varying architectures. The remodeled malware artifacts have allegedly been hosted on newly fabricated virtual private

Unleashing the Mystery: WoofLocker’s New Update Fosters Tech Support Scams

Updated “WoofLocker” Software Creates Technical Support Scams

• Cybersecurity professionals have made note of an updated version of the advanced fingerprinting and redirection toolkit named WoofLocker.
• This complex traffic redirection blueprint was first documented by Malwarebytes in January 2020.
• It leverages JavaScript embedded in compromised websites to conduct anti-bot and web traffic filtering

“Critical Security Update: How Juniper Networks is Tackling Severe Vulnerabilities in Junos OS”

Juniper Networks Squashes Four Critical Bugs in Junos OS, Dad-jokes Included

Main Points: Juniper Networks released an “out-of-cycle” security update to fix flaws in Junos OS. The vulnerabilities impact the J-Web component, potentially leading to remote code execution. The bugs have a cumulative 9.8 CVSS rating, labeling them as Critical. All versions of Junos OS

“Sneaky APK Files: Uncommon Compression Methods to Dodge Malware Detection”

APK Files Dodge Detection with Uncommon Compression Methods: A Sneaky Tech Tale

Here are the key points:

– Threat actors are using unfamiliar compression methods in Android Package (APK) files to slip past malware analysis.
– These findings are courtesy of the good folks at Zimperium, who identified 3,300 such artifacts in the wild.
– Apart
