Tag: Attackers
-
Multiple CData Vulnerabilities Let Attackers Bypass Security Restrictions
A path traversal vulnerability was discovered in the Java versions of multiple CData products when using the embedded Jetty server, …
-
AI-As-A-Service Providers Vulnerability Let Attackers Perform Cross-Tenant Attacks
The fast acceptance of AI has serious security issues, as this necessitates strict security measures to be put in place for the protection …
-
Critical Progress Flowmon Vulnerability Let Attackers Inject Malicious Code
A new critical vulnerability has been discovered in Progress Flowmon, assigned with CVE-2024-2389. Progress Flowmon is a Cloud Application …
-
Multiple Ivanti Connect Secure Flaw Let Attackers Execute Remote Code
Four new vulnerabilities have been discovered in the Ivanti Connect Secure and Policy Secure Gateways. These vulnerabilities were …
-
It’ll be back: Attackers still abusing Terminator tool and variants
BYOVD (Bring Your Own Vulnerable Driver) is a class of attack in which threat actors drop known vulnerable drivers on a compromised machine …
-
Imperva Web Application Firewall Flaw Let Attackers Bypass WAF Rules
Imperva SecureSphere WAF, a security tool for on-premise web applications, has a vulnerability in some versions that allows attackers to …
-
Backdoor in upstream xz/liblzma Let Attackers Hack SSH Servers
A startling revelation has identified a dangerous security vulnerability in the xz compression utility, specifically within its liblzma …
-
Attackers Keep Evolving: Lessons from Expel’s Q2 2023 Quarterly Threat Report
Cyberdefenders plug the holes, so attackers innovate to try to stay ahead. By Aaron Walton, Threat Intel Analyst, Expel Most cyberattackers …
-
Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions
A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users’ systems and …
-
Attackers leverage weaponized iMessages, new phishing-as-a-service platform
Scammers are leveraging the Darcula phishing-as-a-service platform, iMessages and Google Messages to great effect. The platform allows them …
-
GoFetch Side-Channel Attack Impact Apple CPUs: Attackers Steal Secret Keys
Researchers have unveiled a new class of microarchitectural side-channel attacks that pose a severe threat to the security of Apple CPUs. …
-
Microsoft Xbox Gaming Services Flaw Let Attackers Gain SYSTEM Privileges
A new elevation of privilege vulnerability has been discovered in the Xbox Gaming services that allow a threat actor to elevate their …
●●●