Critical LG TV Vulnerabilities Allow for Command Execution

LG TV users are advised to update the software to the latest version due to the 4 critical security flaws

LG reports fixing four critical vulnerabilities discovered in many of its TVs. These vulnerabilities were found back in 2023, and could allow malicious actors to gain control of affected LG TVs. Good news – the attacker should connect to the same network to exploit the flaw. Bad news – they can continue using the device… Continue reading Critical LG TV Vulnerabilities Allow for Command Execution

Progress Flowmon Command Injection Flaw Discovered

Progress uncovers critical flaw in Flowmon that allows for arbitrary command execution

Progress Flowmon, a popular network monitoring software solution, appears to be vulnerable to arbitrary command injection. Successful exploitation of the flaw can grant adversaries with full access to the network infrastructure, leading to catastrophic consequences. The developer already released the fix and insists on its urgent installation. Flowmon Command Injection Flaw Threatens Network Security The… Continue reading Progress Flowmon Command Injection Flaw Discovered

UnitedHealth Hack Leaks 6 TB of User Data

The BlackCat group hacked into UnitedHealth, stealing massive amounts of data.

UnitedHealth Group, one of the largest providers of health insurance and health care services in the United States, suffered a cyberattack with the following data breach. The company admitted that the personal data of millions of patients was “stolen” in a cyberattack. This incident is already being called one of the largest in healthcare history.… Continue reading UnitedHealth Hack Leaks 6 TB of User Data

Microsoft SharePoint Vulnerability Exploited, Update Now

A critical vulnerability in Microsoft SharePoint is now under active exploitation

In late March 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued the alert regarding the exploitation of a flaw in Microsoft SharePoint. It was detected back in September 2023, but the facts of active exploitation surfaced only recently. Fortunately, Microsoft offers updates that fix the flaw. Remote code execution vulnerability A vulnerability designated… Continue reading Microsoft SharePoint Vulnerability Exploited, Update Now

ShadowRay Vulnerability Threatens AI Workloads, No Patch Available

Researchers noticed that a vulnerability in question is actively exploited

Recent review of vulnerabilities in the Ray framework uncovered the unpatched flaw, dubbed ShadowRay. It appears that hundreds of machine learning clusters were already compromised, leading to the leak of ML assets. Researchers trace the first attack that used this vulnerability to September 2023, meaning that the vulnerability already circulates for over half a year.… Continue reading ShadowRay Vulnerability Threatens AI Workloads, No Patch Available

STRRAT and Vcurms Malware Abuse GitHub for Spreading

Attackers are using GitHub as a source for the final payload

A new phishing campaign has recently been discovered that uses GitHub to deliver Remote Access Trojans (RAT) STRRAT and Vcurms via a malicious Java downloader. ANY.RUN specialists have detected the active spread of these malicious programs and warn users against potential threats. Short About STRRAT and Vcurms STRRAT is a Java-based RAT, notorious for its… Continue reading STRRAT and Vcurms Malware Abuse GitHub for Spreading

Fortinet RCE Vulnerability Affects FortiClient EMS Servers

Critical vulnerability CVE-2023-48788 in FortiClient EMS, potentially allow remote code execution without authentication.

Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses a significant cybersecurity threat. Above all, it has the potential to allow remote attackers to execute arbitrary commands on administrative workstations. Fortinet SQLi Vulnerability Causes Remote Code Execution As I mentioned, the vulnerability is classified… Continue reading Fortinet RCE Vulnerability Affects FortiClient EMS Servers

Adobe Reader Infostealer Plagues Email Messages in Brazil

Frauds use forged PDF documents to deploy infostealers

A recent email spam campaign reportedly spreads infostealer malware under the guise of Adobe Reader Installer. Within a forged PDF document, there is a request to install Adobe Reader app, that triggers malware downloading and installation. Considering the language of the said documents, this malicious activity mainly targets Portugal and Brazil. Infostealer Spreads in Fake… Continue reading Adobe Reader Infostealer Plagues Email Messages in Brazil

LockBit Ransomware Taken Down by NCA

LockBit was considered the toughest nuts, but then law enforcements pulled a nutcracker

On February 19, 2024, LockBit ransomware was taken down by the UK National Crime Agency in cooperation with a selection of other law enforcement agencies. The banner typical for such takedowns now illustrates all the web assets of LockBit ransomware. There is quite a hope about the possible release of decryption keys and even a… Continue reading LockBit Ransomware Taken Down by NCA

MIT Hacked, Students’ Data Sold on the Darknet

Hackers publish a database full of info about the current - and past - students of MIT

On February 13, 2024, a post on a Darknet forum appeared, offering to purchase a large pack of data leaked from Massachusetts Institute of Technology (MIT). The hacker under the alias “Ynnian” claims that the leak happened this year, and consists mainly of students’ data. No pay is asked for this DB, hence the information… Continue reading MIT Hacked, Students’ Data Sold on the Darknet