Aggregator

By enhancing threat detection, enabling real-time risk assessment, and providing predictive insights, AI is empowering organizations to build more robust defenses against cyber threats.

Internet intelligence firm GreyNoise reports that it has been tracking large waves of "Noise Storms" containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not concluded its origin and purpose. [...]

For a while now, security researchers have been warning about fake human verification pages tricking Windows users into inadvertently installing malware. A recently exposed campaign showed how some users end up on these pages. Beware of fake human verification pages In late August 2024, Palo Alto Networks’ Unit 42 spotted seven CAPTCHA-style human verification pages that were not what they seemed. “These pages have a button that, when clicked, shows instructions for victims to paste … More →

The post Windows users targeted with fake human verification pages delivering malware appeared first on Help Net Security.

We’re revisiting our annual Threat Detection Report with a midyear update highlighting trends from detections in the first half of 2024.

A vulnerability, which was classified as critical, has been found in D-Link DAP-2622. Affected by this issue is some unknown functionality of the component DDP Service. The manipulation leads to stack-based buffer overflow. This vulnerability is handled as CVE-2023-35748. Access to the local network is required for this attack. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Honeywell Saia PG5 Controls Suite. This affects an unknown part of the component CAB File Parser. The manipulation leads to path traversal. This vulnerability is uniquely identified as CVE-2023-51603. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability has been found in Honeywell Saia PG5 Controls Suite and classified as critical. This vulnerability affects unknown code. The manipulation leads to path traversal. This vulnerability was named CVE-2023-51599. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in Honeywell Saia PG5 Controls Suite. Affected by this issue is some unknown functionality. The manipulation leads to xml external entity reference. This vulnerability is handled as CVE-2023-51605. It is possible to launch the attack on the local host. There is no exploit available.

A vulnerability, which was classified as problematic, was found in Honeywell Saia PG5 Controls Suite. This affects an unknown part. The manipulation leads to xml external entity reference. This vulnerability is uniquely identified as CVE-2023-51604. The attack needs to be approached locally. There is no exploit available.

A vulnerability has been found in Honeywell Saia PG5 Controls Suite and classified as problematic. This vulnerability affects unknown code. The manipulation leads to xml external entity reference. This vulnerability was named CVE-2023-51602. An attack has to be approached locally. There is no exploit available.

A vulnerability was found in Honeywell Saia PG5 Controls Suite and classified as problematic. This issue affects some unknown processing. The manipulation leads to xml external entity reference. The identification of this vulnerability is CVE-2023-51601. Local access is required to approach this attack. There is no exploit available.

A vulnerability was found in Honeywell Saia PG5 Controls Suite. It has been classified as problematic. Affected is an unknown function. The manipulation leads to xml external entity reference. This vulnerability is traded as CVE-2023-51600. Attacking locally is a requirement. There is no exploit available.

A vulnerability classified as problematic was found in Kofax Power PDF. This vulnerability affects unknown code of the component JP2 File Parser. The manipulation leads to use after free. This vulnerability was named CVE-2023-51610. The attack can be initiated remotely. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in OpenBSD Kernel. This issue affects some unknown processing of the component Multicast Routing Handler. The manipulation leads to uninitialized resource. The identification of this vulnerability is CVE-2021-34999. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in OpenBSD Kernel. Affected is an unknown function of the component Multicast Routing Handler. The manipulation leads to uninitialized resource. This vulnerability is traded as CVE-2021-35000. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

The anonymity of the Tor network has been scrutinized in a recent investigation by German law enforcement agencies. Despite these revelations, the Tor Project maintains that its network remains secure for users. This article delves into the details of the investigation, its implications for Tor, and the response from various stakeholders. Tor stands as the […]

The post Tor Claims Network is Safe Following Enforcement Infiltration to Expose Criminals appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A threat actor on a well-known dark web forum has allegedly claimed responsibility for a significant data breach involving the Indian financial institution, Federal Bank. The breach reportedly exposes sensitive information of hundreds of thousands of customers, raising serious concerns about data security and privacy. The claim was first reported by a ThreatMon, who shared the […]

The post Threat Actor Allegedly Claims Breach of Federal Bank Customer Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A proof-of-concept (PoC) exploit has been released for a critical zero-day vulnerability identified as CVE-2024-7965, affecting Google’s Chrome browser. This vulnerability explicitly targets the V8 JavaScript engine and is exclusive to ARM64 architectures. The release of this PoC has raised concerns within the cybersecurity community, highlighting a potential avenue for exploitation in widely used devices. […]

The post PoC Exploit Released for CVE-2024-7965 Zero-Day Chrome Vulnerability appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

A new method of attack has emerged that leverages WebDAV technology to host malicious files. This approach, which facilitates the distribution of the Emmenhtal loader—also known as PeakLight—has been under scrutiny since December 2023. The loader is notorious for its stealthy, memory-only execution and its role in distributing various infostealers worldwide. This article delves into […]

The post Webdav Malicious File Hosting Powering Stealthy Malware Attacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Cyber and law enforcement agencies across the “Five Eyes” countries issue warning about large-scale botnet linked to Chinese firm and Flax Typhoon group