Tag: Exploitation
-
Running Malware Below the OS – The State of UEFI Firmware Exploitation
By Adam Paulina, Threat Researcher Intern Usually when we think of malware infections, we think of malicious programs running on top of the …
-
CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol …
-
Google Chrome Use-after-free Flaw Let Attackers Perform Heap Exploitation
The latest stable version of Google Chrome (version 118.0.5993.70) has been released for Mac and Linux. In contrast, the Windows version …
-
Exploitation Accounts For 29% of Education Sector Attacks
The education sector has been confirmed as a prime target for threat actors, with 29% of attacks originating from vulnerability …
-
CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited …
-
Exploitation of Critical WS_FTP Server Flaw Spotted in the Wild
Progress-owned WS_FTP was discovered with multiple vulnerabilities associated with cross-site scripting (XSS), SQL injection, cross-site …
-
Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation
Chipmaker Qualcomm has released security updates to address 17 vulnerabilities in various components, while warning that three other …
-
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts
Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated …
-
Critical libwebp Vulnerability Under Active Exploitation – Gets Maximum CVSS Score
Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format …
-
Continued MOVEit Exploitation Drives Record Ransomware Attacks
Ransomware attacks hit record levels in July 2023, driven by the Clop gang’s continued exploitation of the MOVEit vulnerability, …
-
Zimbra Warns of Critical Zero-Day Flaw in Email Software Amid Active Exploitation
Zimbra has warned of a critical zero-day security flaw in its email software that has come under active exploitation in the wild. “A …
-
VPN and RDP Exploitation the Most Common Attack Technique
Exploitation of remote services like VPNs and RDP was the most commonly seen attack technique last year, according to a new report from …
●●●