EHA
Redigo

Hackers Exploit Bug in Redis Servers To Drop New Backdoor Malware “Redigo”

Researchers uncovered a new backdoor malware dubbed "Redigo" written in Go -Language, which targets the Redis servers and drops a backdoor to gain complete control of the servers. Redigo Malware was uncovered via vulnerable Redis...
New Google Chrome Zero-Day Bug Actively Exploited in Wild – Emergency Update!

New Google Chrome Zero-Day Bug Actively Exploited in Wild – Emergency Update!

Google released new security updates for actively exploited Chrome zero-day vulnerability that allows attackers to execute an arbitrary code to take full control of the system remotely using the exploit that exists in the...
Critical RCE Flaw With 2M Downloaded

Critical RCE Flaw With 2M Downloaded Android Remote Keyboard Apps Let Attackers Access keystrokes

Multiple critical vulnerabilities were found by the security researchers at Synopsys in three Android apps that enable users to control computer systems with Android devices.  Furthermore, these critical vulnerabilities could be exploited by threat actors...
Hackers Selling Access to Enterprise Networks

Hackers Selling Access to Enterprise Networks via a Critical Flaw in Fortinet Products

Security experts from Cyble security firm have recently identified a security flaw, CVE-2022-40684 that's affecting multiple versions of Fortinet products, and this product range includes the following products:- FortiOS FortiProxy FortiSwitchManager A recently patched critical vulnerability in Fortinet...
13 New Vulnerabilities in BMC Firmware Let Hackers Launch Remote Attacks on OT & IoT Networks

13 New Vulnerabilities in BMC Firmware Let Hackers Launch Remote Attacks on OT &...

BMC (Baseboard Management Controller) firmware from Lanner has been found to contain over a dozen vulnerabilities that could allow remote attacks to be launched against OT and IoT networks. As a result of analyzing an...
OpenSSL Fixed Two High Severity Vulnerabilities That Can be Exploited Remotely

OpenSSL Fixed Two High Severity Vulnerabilities That Can be Exploited Remotely

There have been two high-severity security vulnerabilities recently discovered and patched by the OpenSSL Project in its open-source cryptographic library.  Encryption of communication channels and HTTPS connections is achieved through the use of this cryptographic...
Follina Exploit Let Hackers Compromise the Domain Controller Via RDP Session

Follina Exploit Let Hackers Compromise the Domain Controller Via RDP Session

An intrusion was detected by The DFir Report in early June 2022 that leveraged the Follina vulnerability, CVE-2022-30190 to gain initial access. Apart from getting initial access it also initiated the infection chain of...
GitHub Repojacking Bug Let Hackers Take Control Over a GitHub Repository

GitHub Repojacking Bug Let Hackers Take Control Over a GitHub Repository

A high-severity security flaw has been patched recently by GitHub on September 19, 2022, and it's a cloud-based repository hosting service. By exploiting this vulnerability, malicious repositories could have been created and attacks on...
Chrome Zero-Day Bug Actively Exploited in Wild – Update Now!

Chrome Zero-Day Bug Actively Exploited in Wild – Update Now!

In order to address a potentially exploitable zero-day vulnerability discovered in recent attacks on Google's Chrome desktop web browser, Google has released a security update as an emergency fix. The vulnerability has been tracked as...
Sandbreak – A Critical Remote Code Execution Bug Found in Widely Used vm2 JavaScript Sandbox

Sandbreak – A Critical Remote Code Execution Bug Found in Widely Used vm2 JavaScript...

In the JavaScript sandbox library vm2, the cybersecurity analysts at Oxeye research team have recently found a severe RCE flaw dubbed, "Sandbreak." Through the NPM package repository, the vm2 sandbox library achieves a total of...