Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing
In June, researchers revealed a vulnerability in Azure Active Directory and third-party apps called "nOAuth," that could result in a complete account takeover. This is just one of the many…
American Airlines Hacked by Cl0P Gang, MOVEit Involved
American Airlines, the major airline company in the US, appears to be yet another victim of MOVEit vulnerability. Specifically, Cl0p ransomware gang hackers claim the successful attack upon the co.…
Trojan:Win32/Randet.A!plock – What is That Detection?
Windows Defender's mass detections of Trojan:Win32/Randet.A!plock worries people. Are the user files complained about by Defender malicious? Trojan:Win32/Randet.A!plock Microsoft Defender Detection Recently, users have been actively discussing on thematic forums…
Microsoft CVE-2023-36884 Vulnerability Exploited in the Wild
On July 11, 2023, Microsoft published an article about addressing the CVE-2023-36884 vulnerability. This breach allowed for remote code execution in Office and Windows HTML. Microsoft has acknowledged a targeted…
Researchers Found BlackLotus UEFI Bootkit Sources on GitHub
The source code for the BlackLotus UEFI bootkit, which was previously sold on the dark web for $5,000, has been discovered by Binarly analysts on GitHub. The researchers say the…
What is Cyber Risk Exposure and How Can You Manage It?
Modern businesses face cybersecurity threats daily. While most are effectively neutralized, a successful attack can lead to unpleasant consequences. Therefore, it is crucial for organizations to clearly understand their vulnerability…
Hot and Cold Crypto Wallets Hacking
Cryptocurrency is a rapidly changing world where people can make fortunes by exchanging digital assets. However, seasoned investors and newcomers alike are at risk of falling prey to crypto phishing…
Forged Driver Signatures Exploited In The Wild
Hackers actively use driver signature spoofing, which originates from a loophole in Windows kernel-mode drivers handling mechanism. They heavily bear on open-source utilities that were primarily designed for temporal circumvention…
Legion Stealer targeting PUBG players
Scammers are using a misleading GitHub page to distribute Legion Stealer to fans of rogue PUBG games. Under the guise of cheats, users download malware. Legion Stealer Attacks PUBG Players…
MOVEit Transfer Fixes a New Critical Vulnerability
After hundreds of companies were attacked with a 0-day vulnerability in MOVEit Transfer, the developer of this file transfer management product, Progress Software, promised to regularly release patches to provide…
California Water Treatment Plant Is in the Hands of a Hacker
Rambler Gallo, a resident of Tracy, Calif., has been charged with maliciously damaging a computer after it allegedly infiltrated a network of a water treatment plant in Discovery Bay. The…
Wise Remote Trojan: Infostealer, RAT, DDoS Bot, and Ransomware
Wise Remote Stealer is a potent and malicious software that operates as an infostealer, Remote Access Trojan (RAT), DDoS bot, and ransomware. It has gained notoriety within the cybersecurity community…
