Researchers recently uncovered a DarkGate campaign in mid-January 2024, which exploited Microsoft zero-day vulnerability. Researchers at the Zero Day Initiative (ZDI) recently uncovered a DarkGate campaign in mid-January 2024, which exploited the Windows zero-day flaw CVE-2024-21412 using fake software installers. CVE-2024-21412 (CVSS score 8.1) is an Internet Shortcut Files Security Feature Bypass Vulnerability. An unauthenticated attacker […]
The ransomware attack that hit the systems of Nissan Oceania in December 2023 impacted roughly 100,000 individuals. Nissan Oceania, the regional division of the multinational carmaker, announced in December 2023 that it had suffered a cyber attack and launched an investigation into the incident. Nissan immediately notified the Australian Cyber Security Centre and the New […]
Researchers analyzed ChatGPT plugins and discovered several types of vulnerabilities that could lead to data exposure and account takeover. Researchers from Salt Security discovered three types of vulnerabilities in ChatGPT plugins that can be could have led to data exposure and account takeovers. ChatGPT plugins are additional tools or extensions that can be integrated with […]
Fortinet released security updates to address critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS. Fortinet this week has released security updates to fix critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS. The first vulnerability is an out-of-bounds write issue, tracked as CVE-2023-42789 (CVSS score 9.3), it can be exploited to execute unauthorized code […]
Acer Philippines disclosed a data breach after employee data was leaked by a threat actor on a hacking forum. Acer Philippines confirmed that employee data was compromised in an attack targeting a third-party service provider. Acer Inc. is a Taiwanese multinational company that produces computer hardware and electronics, Acer is investigating the security breach with the help […]
Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. The prestigious US university was the victim of a ransomware attack carried out by the Akira ransomware group. The Akira ransomware gang claimed […]
Microsoft Patch Tuesday security updates for March 2024 addressed 59 security vulnerabilities in its products, including RCE flaws. Microsoft released Patch Tuesday security updates for March 2023 that address 59 security vulnerabilities in its products. The IT giant addressed vulnerabilities in Microsoft Windows and Windows Components; Office and Office Components; Azure; .NET Framework and Visual […]
Russia’s Foreign Intelligence Service (SVR) claims that the US intelligence plans to interfere with its presidential election. Russia’s Foreign Intelligence Service (SVR) alleges that the US is plotting to interfere in its upcoming presidential election scheduled this month. According to SVR, US nation-state actors plan to launch cyber attacks against Russian voting systems to disrupt […]
Russian authorities have detained a South Korean national on cyber espionage charges, it is the first time for a Korean citizen. Russian authorities have arrested a South Korean citizen on charges of cyber espionage, marking the first instance involving a Korean national. “During the investigation of an espionage case, a South Korean citizen Baek Won-soon […]
Threat actors can abuse QR codes to carry out sophisticated scams, as reported by the Italian Postal Police in its recent alert. As is well known, QR codes are two-dimensional barcodes that can be read with a smartphone or other hand-held device. They are widely used to access information, services, or online payments quickly and […]