Misconfigurations in Microsoft Exchange open new doors to email spoofing attacks

A new report from the Acronis Threat Research Unit has uncovered a vulnerability in Microsoft Exchange Online settings that could enable email spoofing attacks. This issue primarily affects users with a hybrid configuration of on-premises Exchange and Exchange Online, and Read More …

North Korean threat actor Citrine Sleet exploiting Chromium zero-day

On August 19, 2024, Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium, now identified as CVE-2024-7971, to gain remote code execution (RCE). Microsoft researchers assess with high confidence that the observed exploitation of CVE-2024-7971 can Read More …

Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

Trend Micro observed a new attack vector of weaponization for the vulnerability CVE-2023-22527 using the Godzilla backdoor. Following initial exploitation, a loader was loaded into the Atlassian victim server which loads a Godzilla webshell. On January 16, 2024, Atlassian released a Read More …

State-backed attackers and commercial surveillance vendors repeatedly use the same exploits

Google’s Threat Analysis Group (TAG) observed multiple in-the-wild exploit campaigns, between November 2023 and July 2024, delivered from a watering hole attack on Mongolian government websites. The campaigns first delivered an iOS WebKit exploit affecting iOS versions older than 16.6.1 Read More …

Hacked GPS tracker reveals location data of customers

Stalkerware researcher maia arson crimew strikes again. Big time. We know maia as a researcher that loves to go after stalkerware peddlers, which Malwarebytes—as one of the founding members of the Coalition Against Stalkerware—loves to see. The investigation into Tracki, Read More …

New Windows Cyber Attacks Confirmed – CISA Says Update By September 3

Microsoft has released the monthly round of Patch Tuesday security updates, with fixes for a total of 90 vulnerabilities across the Windows ecosystem. Of these, the Microsoft Security Response Center warns that five Windows vulnerabilities have confirmed and active cyber Read More …

ArtiPACKED: Hacking Giants Through a Race Condition in GitHub Actions Artifacts

This research reviews an attack vector allowing the compromise of GitHub repositories, which not only has severe consequences in itself but could also potentially lead to high-level access to cloud environments. This is made possible through the abuse of GitHub Read More …

5G network flaws could be abused to let hackers spy on your phone

5G basebands could be exploited by attackers to allow them to send fake messages to your contacts, or even hand over your credentials using a very real-looking website, experts have warned. Unveiled at the Black Hat cybersecurity conference, a research Read More …