SIEM as a Service
New Windows Zero-Day Vulnerability Let Attackers Steal Credentials from Victim’s Machine

New Windows Theme Zero-Day Vulnerability Let Attackers Steal Credentials

New identical Windows Theme Zero-Day Vulnerability Let Attackers Steal Credentials vulnerability that might allow attackers to obtain NTLM credentials of compromised systems while fixing CVE-2024-38030, a medium-severity Windows Themes spoofing issue. Acros Security researchers reported...
Samsung Use-After-Free Zero-day Vulnerability Exploited In The Wild

Samsung Use-After-Free Zero-day Vulnerability Exploited In The Wild

Samsung has devices affected by a critical security vulnerability (CVE-2024-44068) that affects multiple Exynos mobile processors actively exploited in the wild. The high-severity flaw impacts several processor models, including the Exynos 9820, 9825, 980, 990,...
52 Zero-Days Uncovered: Hackers Earn $486,250 at Pwn2Own Ireland 2024

52 Zero-Days Uncovered: Hackers Earn $486,250 at Pwn2Own Ireland 2024

The first day of Pwn2Own Ireland 2024 has concluded with an impressive showcase of cybersecurity prowess, as hackers demonstrated their skills by uncovering 52 zero-day vulnerabilities. The event, held at Trend Micro’s offices in...
Internet Explorer zero-day Flaw

North Korean Hackers Exploited Internet Explorer Zero-Day Flaw

A joint report by AhnLab Security Emergency response Center (ASEC) and the National Cyber Security Center (NCSC) has revealed a new zero-day vulnerability (CVE-2024-38178) in Microsoft Internet Explorer (IE) being actively exploited by North...
Hackers Exploiting Ivanti CSA Zero-days To Compromise Victims’ Networks

Nation-State Actors Exploiting Ivanti CSA 0-days To Compromise Victims’ Networks

Researchers have uncovered a sophisticated attack campaign targeting Ivanti Cloud Services Appliance (CSA) users. Nation-state actors are exploiting multiple zero-day vulnerabilities in the CSA to gain unauthorized access to victims' networks and establish a...
iTunes 0-day Privilege Escalation Flaw Let Attackers Hack Windows

iTunes 0-day Privilege Escalation Flaw Let Attackers Hack Windows

iTunes is a media player which is developed by Apple Inc. and this application enables users to purchase, organize, and play digital music and videos.  It was launched in 2001 and revolutionized the way people...
Windows MSHTML Zero-Day Vulnerability Exploited In The Wild

Windows MSHTML Zero-Day Vulnerability Exploited In The Wild

The Windows MSHTML platform spoofing vulnerability, CVE-2024-43461, which affects all supported Windows versions, has been exploited in the wild. CVE-2024-43461 was used in attacks by the Void Banshee APT hacking group. Research from Trend Micro...
Exploitation Zero-Day Vulnerabilities Remote Access Became Prime Target

Exploitation Zero-Day Vulnerabilities For Remote Access Became Prime Target

The cybersecurity landscape in 2024 has been marked by a significant surge in malware and vulnerabilities.  The Key trends include the expansion of Ransomware-as-a-Service (RaaS), an increase in software supply chain attacks, and the exploitation...
Windows Smart App Control Zero-Day

Windows Smart App Control Zero-Day (CVE-2024-38217) Exploited Since 2018 Finally Fixed

Microsoft has addressed a critical zero-day vulnerability affecting its Windows Smart App Control (SAC) and SmartScreen security features. This vulnerability was fixed at Microsoft’s September 2024 Patch Tuesday, which addressed a significant number...
RomCom Office 0-Day Ransomware

RomCom Group Exploiting Microsoft Office 0-day To Deploy Ransomware

The Russian group RomCom, dubbed Storm-0978, distributes underground ransomware by leveraging the Microsoft Office and Windows HTML RCE zero-day vulnerability identified as CVE-2023-36884. This ransomware encrypts files on victims' Windows computers, similar to typical ransomware,...
SIEM as a Service

Recent Posts

SVG Files With Google Drive Links

Weaponized SVG Files With Google Drive Links Attacking Gmail, Outlook &...

Cybercriminals have escalated their phishing tactics by leveraging Scalable Vector Graphics (SVG) files to bypass traditional anti-phishing and anti-spam defenses.  These attacks, which first became...