Tag “Fortinet”

As Cybercriminals Leverage AI, Here Are 5 Essential Steps Every Organization Should Take

Artificial Intelligence (AI) is transforming society in numerous beneficial ways, yet it has also become a tool exploited by cybercriminals to perpetrate nefarious activities. Threat actors, both seasoned and novice, leverage AI to enhance their data-gathering capabilities and to generate convincing phishing communications, thereby streamlining their malicious endeavors. As a…


Zero-Day Alert: Critical Vulnerability in Palo Alto Networks PAN-OS is Under Active Exploitation

Palo Alto Networks has issued an urgent warning regarding a critical vulnerability affecting its PAN-OS software utilized in GlobalProtect gateways, noting that this flaw is currently being actively exploited in the wild. Designated as CVE-2024-3400, this vulnerability carries a maximum CVSS score of 10.0, underscoring its potential severity and urgency…


State-Sponsored Hackers Leverage Two Cisco Zero-Day Vulnerabilities for Espionage Activities

A recent malware campaign has targeted Cisco networking equipment, exploiting two previously unknown vulnerabilities identified as zero-day flaws to deliver customized malware and conduct covert data collection in targeted environments. Cisco Talos, naming this operation “ArcaneDoor,” has attributed the attacks to UAT4356, an advanced state-sponsored group also known as Storm-1849…


Ransomware Groups Exploit VMware ESXi Vulnerability for Administrator Access

A recently identified vulnerability in VMware ESXi hypervisors has been under active exploitation by several ransomware groups, raising significant concerns among cybersecurity experts. The flaw, detailed under CVE-2024-37085 and assigned a CVSS score of 6.8, enables attackers to bypass Active Directory integration authentication, thus granting them illicit administrative access to…


Microsoft Addresses 61 Vulnerabilities, Including Two Actively Exploited Zero-Day Threats

Microsoft Addresses 61 Security Vulnerabilities in May Patch Update

In its latest Patch Tuesday update for May 2024, Microsoft has resolved 61 newly identified security vulnerabilities across its software products, amongst them two zero-day flaws that have been actively exploited in the wild. These updates follow a proactive security strategy…


Check Point Alerts on Zero-Day Vulnerabilities Affecting Its VPN Gateway Solutions

Check Point has issued a warning regarding a critical zero-day vulnerability affecting its Network Security gateway products, which has already been exploited by cybercriminals in the wild. The vulnerability, designated as CVE-2024-24919 and carrying a CVSS score of 8.6, affects numerous products including CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis,…


Cybercriminals Deploy MS Excel Macro to Execute Multi-Stage Malware Attack in Ukraine

Sophisticated Cyber Attack Targets Ukraine with Cobalt Strike Payload

A recent surge in sophisticated cyber attacks has seen endpoints located in Ukraine specifically targeted for the deployment of the notorious Cobalt Strike malware, raising concerns among cybersecurity experts. According to researchers from Fortinet’s FortiGuard Labs, the attack mechanism begins…


Microsoft Releases Fixes for 90 Vulnerabilities, Featuring 10 Critical Zero-Day Flaws

On Tuesday, Microsoft released a set of critical updates addressing a total of 90 security vulnerabilities within its software, including ten zero-day exploits. Notably, six of these zero-days are actively being leveraged in real-world attacks, raising significant concerns regarding the potential for widespread exploitation in the wild. The vulnerabilities span…


Exploitation of Microsoft MSHTML Vulnerability to Distribute MerkSpy Spyware

Cybersecurity Threat: Surveillance Tool MerkSpy Exploits Microsoft MSHTML Vulnerability

Recent reports from Fortinet’s FortiGuard Labs indicate the emergence of a sophisticated surveillance tool known as MerkSpy, which is being used by unidentified threat actors to compromise systems through a now-patched vulnerability in Microsoft’s MSHTML. This malicious campaign is primarily targeting…
