Two Adobe ColdFusion Vulnerabilities Exploited in The Wild
Two vulnerabilities in Adobe ColdFusion are exploited in real-world attacks, the Cybersecurity & Infrastructure Security Agency (CISA) warns. Both issues are related to the possibility of arbitrary code execution, caused…
Tortilla (Babuk) Ransomware Decryptor Available
On January 9, 2024, Avast and Cisco Talos announced the release of a free decryptor for one of the Babuk ransomware variants – Tortilla. Analysts ensure that all the victims…
OAuth2 Session Hijack Vulnerability: Details Uncovered
A sophisticated exploit targeting Google's OAuth2 authentication system was uncovered by Prisma threat actor. This exploit leverages undocumented functionalities within Google's MultiLogin endpoint, enabling attackers to generate and maintain persistent…
xDedic Marketplace Members Detained In International Operations
The infamous xDedic Marketplace, known for its illicit trade in compromised computers and personal data, has been effectively dismantled. 19 persons related to the marketplace were detained. The overall operation…
Verified X/Twitter Accounts Hacked to Spread Cryptoscams
The trend of hacking official accounts to promote cryptocurrency fraud is gaining momentum. Over the past week, researchers have discovered an abnormal number of such incidents. X/Twitter Crypto Scams From…
SMTP Smuggling is a New Threat to Email Security
A new SMTP Smuggling technique reportedly has the potential to bypass existing security protocols. Also it can enable attackers to send spoofed emails from seemingly legitimate addresses. This may breathe…
Mandiant Account in X Hacked to Spread Cryptocurrency Scams
The Twitter account of Google's Mandiant cybersecurity service has been hacked to promote a cryptocurrency scam. It happens along with the massive spread of cryptocurrency drainer scams on different social…
Qualcomm RCE Vulnerabilities Expose Millions of Users
Vulnerability in several Qualcomm chipsets allows for remote code execution during the phone call. This and other vulnerabilities were uncovered in the latest security bulletin released by the chipmaker. The…
Black Basta Ransomware Free Decryptor Available
SRLabs researchers published a free decryptor for BlackBasta ransomware. They discovered the vulnerability in the way malware handles the encryption process and found the way to recover the encryption key…
Seven Common Types of Malware – Analysis & Description
In the intricate landscape of cybersecurity, comprehending the various forms of malware is crucial. This article offers an in-depth look at the most pervasive malware types, from Loaders to Keyloggers.…
DLL Search Order Hijacking Technique Bypasses Protection
A new DLL (Dynamic Link Library) Search Order Hijacking variant emerged. This method capitalizes on executables in the trusted WinSxS folder of Windows 10 and 11, allowing threat actors to…
Microsoft Disables MSIX App Installer Protocol
Microsoft reportedly disabled MSIX installer protocol in Windows, due to its exploitation in real-world cyberattacks. Hackers found a way to misuse the protocol to install malicious software, bypassing anti-malware software…
