HuntGPT: AI-Based Intrusion Detection Tool
Critical infrastructure has increasingly become the target of cyberattacks, with anticipated yearly damages of $10.5 trillion USD by 2025, up from only $3 trillion USD in 2015. NIST introduced a Cybersecurity Framework in 2014...
New Android Banking Malware Pose as Government App to Target Users
Cybercriminals continue making malware for profit, with a recent report uncovering ASMCrypt in underground forums related to the DoubleFinger loader.
In the cybercrime landscape, researchers at Securelist have also reported on new Lumma stealer and...
Apache NiFi RCE Vulnerability Let Attackers Exfiltrate Sensitive Data
The widely used data integration tool Apache NiFi has been discovered to be susceptible to a critical security flaw tracked as CVE-2023-34468 that might allow remote code execution.
Additionally, this significant issue might allow attackers to exfiltrate sensitive information, compromise...
BunnyLoader: New Malware-as-a-Service (MaaS) Under Rapid Development
A new malware-as-a-service (MaaS) loader named “BunnyLoader” has been discovered on sale in multiple hacking forums. This malware has multiple functions, which include second-stage payload downloading and executing, browser credentials and...
Marvin Attack: 25-year-old RSA Decryption Vulnerability Disclosed
A new type of vulnerability has been discovered in software implementations of the PKCS#1 v1.5 padding scheme for RSA key exchange, which was previously confirmed to be susceptible, and it can still be exploited. This...
Windows Server Running SMB over QUIC Let Attacker Launch DoS Attacks
QUIC, created by Google, is a modern transport layer protocol aimed at enhancing connection reliability and security while addressing latency and packet loss issues utilizing UDP.
Microsoft's QUIC implementation is known as MsQuic, utilized for...
Malicious npm and PyPI Packages Exfiltrate SSH Keys From Server
JavaScript and Python both have their own package repositories, called npm (Node Package Manager) and PyPI (Python Package Index), respectively.
They act as key centers for publishing and exchanging reusable code libraries and packages by...
$20M Offered By Russian Zero-Day Seller To Hack Android And iPhone Devices
The Russian company Operation Zero is currently offering researchers $20 million in exchange for hacking tools that would enable its customers to take control of Android and iPhone devices.
“By increasing the premium and providing...
New Ransomware Trend – Threat Actors Deploy Two Ransomware on Victims’ Networks
The FBI alerts on rising ransomware trends and urges organizations to follow mitigation recommendations for minimizing ransomware risks and consequences.
In July 2023, the FBI observed two ransomware trends, listed here:
Multiple...
Microsoft SharePoint Server Vulnerabilities Chained to Achieve Remote Code Execution
Two vulnerabilities were reported in Microsoft SharePoint Server, CVE-2023-29357 and CVE-2023-24955, which threat actors can use to achieve remote code execution (RCE) against Microsoft SharePoint Server.
These vulnerabilities were discovered as part of the Zero...