New Windows Cyber Attacks Confirmed – CISA Says Update By September 3

Microsoft has released the monthly round of Patch Tuesday security updates, with fixes for a total of 90 vulnerabilities across the Windows ecosystem. Of these, the Microsoft Security Response Center warns that five Windows vulnerabilities have confirmed and active cyber Read More …

Mitigating the Latest Vulnerability (CVE-2024-5008) in Progress WhatsUp Gold

The SonicWall Capture Labs threat research team became aware of an arbitrary file upload vulnerability in Progress WhatsUp Gold, assessed its impact and developed mitigation measures. WhatsUp Gold is a software that monitors every connected device in the network, providing Read More …

VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns

On Monday, July 29, Microsoft published an extensive threat intelligence blog on observed exploitation of CVE-2024-37085, an Active Directory integration authentication bypass vulnerability affecting Broadcom VMware ESXi hypervisors. The vulnerability, according to Redmond, was identified in zero-day attacks and has Read More …

Telegram Zero-Day Let Hackers To Spread Malware Hidden in Videos

Cybersecurity researchers at ESET discovered a zero-day vulnerability that targeted the Telegram for Android app and sent malicious files disguised as videos through chats. The zero-day exploit, dubbed “EvilVideo,” allowed hackers to share Android payloads via Telegram channels, groups, and Read More …

CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks

Trend Micro Zero Day Initiative (ZDI) discovered the MHTML remote code execution (RCE) vulnerability CVE-2024-38112. Trend Micro researchers immediately alerted Microsoft of this vulnerability being used in–the-wild as ZDI-CAN-24433. CVE-2024-38112 was used as part of an attack chain by the Read More …

Resurrecting Internet Explorer: Threat Actors Using Zero-Day Tricks In Internet Shortcut File To Lure Victims (CVE-2024-38112)

Check Point Research recently discovered that threat actors have been using novel (or previously unknown) tricks to lure Windows users for remote code execution. Specifically, the attackers used special Windows Internet Shortcut files (.url extension name), which, when clicked, would Read More …

July Patch Tuesday Unleashes a Torrent of Updates

With the information security industry’s two largest conferences (Black Hat Briefings and Def Con) set to happen in less than a month, Microsoft pulled out all the stops and, for July, nearly tripled the number of patches they released in Read More …

Ransomware Attackers May Have Used Privilege Escalation Vulnerability as Zero-day

The Cardinal cybercrime group (aka Storm-1811, UNC4393), which operates the Black Basta ransomware, may have been exploiting a recently patched Windows privilege escalation vulnerability as a zero-day. The vulnerability (CVE-2024-26169) occurs in the Windows Error Reporting Service. If exploited on Read More …

Critical Path Traversal Vulnerability in Check Point Security Gateways (CVE-2024-24919)

The SonicWall Capture Labs threat research team became aware of an exploited-in-the-wild information disclosure vulnerability affecting the Check Point Security Gateways. Identified as CVE-2024-24919 and given a CVSSv3 score of 8.6, the vulnerability is more severe than it initially appears. Read More …