On Monday, Google revealed a sophisticated cyber campaign orchestrated by a North Korean state-sponsored group aimed at security researchers involved in vulnerability research and development. This latest information highlights the increasing threat posed by adversaries adept at manipulating credible sources in the cybersecurity community. The Threat Analysis Group (TAG) at…
Cisco Addresses Critical Security Flaw in Secure Client Software Cisco has recently issued patches to rectify a significant vulnerability in its Secure Client software, which poses a considerable risk of exploitation by malicious actors. This flaw allows intruders to initiate a VPN session impersonating a targeted user, potentially compromising sensitive…
A significant vulnerability recently disclosed in Kubernetes has raised alarms due to its potential for enabling remote code execution with elevated privileges. This vulnerability, labeled as CVE-2023-5528, affects all kubelet versions from 1.8.0 onwards and has been assigned a CVSS score of 7.2, indicating its severity. According to Akamai security…
A newly identified Linux variant of a multi-platform backdoor known as DinodasRAT has emerged, actively targeting regions including China, Taiwan, Turkey, and Uzbekistan, according to recent findings by Kaspersky. DinodasRAT, also recognized as XDealer, is a C++-based malware specifically designed to extract various sensitive data from compromised systems. This variant…
Mimecast Acknowledges Source Code Breach Linked to SolarWinds Attack In a recent disclosure, email security firm Mimecast announced that it fell victim to the state-sponsored attackers behind the SolarWinds breach, illustrating the ongoing risks associated with sophisticated cyber threats. The incident, detailed in their findings, revealed unauthorized access to some…
Purple Fox, previously known for infecting Windows systems through various exploit kits and phishing campaigns, has evolved to include a new propagation technique that resembles worm-like behavior. Recent findings indicate a substantial uptick in its activity, with Guardicore researchers reporting a 600% increase in incidents since May 2020. This latest…
Recent research reveals that the conversion process from DOS to NT paths in Windows represents a potential exploitation vector for threat actors, enabling rootkit-like functionality that could hide and impersonate files, directories, and processes. According to Or Yair, a security researcher from SafeBreach, when users invoke functions that involve a…
On Wednesday, Facebook disclosed its efforts to dismantle cyber operations linked to two state-sponsored hacking groups based in Palestine that have exploited its platform for malware distribution. These activities primarily originated from the Preventive Security Service (PSS), a security entity of the Palestinian Authority, and a group identified as Arid…
Recent research has uncovered a security glitch in Zoom’s screen sharing feature that could inadvertently expose sensitive information to participants during video calls. This vulnerability, designated as CVE-2021-28133, is notable as it remains unpatched, enabling the possibility of revealing contents from applications not actively being shared, albeit for only brief…
