In its October 2023 Patch Tuesday update, Microsoft has addressed a total of 103 vulnerabilities across its software platforms, including two critical zero-day vulnerabilities actively exploited in the wild. This update highlights the ongoing importance of patch management in maintaining cybersecurity defenses. Among the identified vulnerabilities, 13 are categorized as…
A sophisticated spyware campaign utilizing a rootkit has come to light, wherein cybercriminals disseminate multifunctional malware masquerading as legitimate cracked software or as trojanized applications, often mimicking popular video players, drivers, and even antivirus tools. Known as Scranos, this rootkit malware was initially identified late last year and continues to…
In the latest cybersecurity alert, a critical unpatched zero-day vulnerability has emerged within the Android operating system, the most prevalent mobile OS globally. This vulnerability, discovered by a researcher from Google’s Project Zero team, poses significant risks as it has been actively exploited in the wild by the notorious Israeli…
WhatsApp Files Lawsuit Against NSO Group Over User Exploitation In a landmark legal move, WhatsApp, a leading encrypted messaging service, has initiated a lawsuit against the Israeli technology firm NSO Group, alleging that the company has engaged in malicious cyber activities targeting its users. This case represents a significant step…
Shortly after cybersecurity researchers raised warnings about two significant vulnerabilities in the SaltStack configuration framework, an ongoing campaign has already begun exploiting these flaws, targeting organizations such as LineageOS, Ghost, and DigiCert. The vulnerabilities, identified as CVE-2020-11651 and CVE-2020-11652, permit attackers to execute arbitrary code on remote servers operating within…
Qualcomm Issues Security Advisory for High-Severity Flaws In recent developments, chipmaker Qualcomm has disclosed significant information regarding three critical security vulnerabilities that were reportedly exploited in targeted attacks as of October 2023. The company emphasized that these flaws were subjected to “limited, targeted exploitation,” raising alarms about their implications for…
A significant security vulnerability affecting Bluetooth technology poses risks to Android, Linux, macOS, and iOS devices. Identified as CVE-2023-45866, this flaw allows malicious actors to bypass authentication procedures, enabling unauthorized access to susceptible devices and the capability to execute commands remotely. According to security researcher Marc Newlin, who disclosed these…
Recent research has unveiled a series of critical security vulnerabilities within the firmware of 5G mobile network modems manufactured by major semiconductor companies, notably MediaTek and Qualcomm. These vulnerabilities affect a range of devices, including USB and Internet of Things (IoT) modems, as well as hundreds of smartphone models operating…
A recent incident has underscored the extent of data collection by Facebook, particularly concerning its Messenger application installed on Android devices. Reports indicate that until late last year, Facebook was collecting users’ contact lists, SMS, and call history data without explicit user consent, raising serious privacy concerns. The situation gained…
