More results...
The ‘Decoy Dog’ malware toolkit, aimed at enterprises, was uncovered recently by the security analysts at Infoblox by analyzing 70 billion DNS records and traffic that differs from typical online behavior. Decoy Dog was discovered in early …
An Israeli cybersecurity company, Astrix’s Security Research Group, discovered a 0-day vulnerability in Google’s Cloud Platform (GCP) dubbed Ghosttoken on June 19, 2022, which impacts all Google users. The “GhostToken” vulnerabi…
Japanese cybersecurity experts warn that ChatGPT can be deceived by users who input a prompt to mimic developer mode, leading the AI chatbot to generate code for malicious software. Developers’ security measures to deter unethical and criminal ex…
Recently, a new attack campaign has been discovered by the cybersecurity researchers at Aqua Security that exploits Kubernetes RBAC to assemble backdoors and mine cryptocurrency like Monero. Kubernetes API access control system known as RBAC enables ad…
Two new critical flaws have been found in Alibaba Cloud’s popular services, ApsaraDB and AnalyticDB. Both of them were in support of PostgreSQL. Wiz security research team has termed this vulnerability as #BrokenSesame. One of these vulnerabilities pe…
A new hacking tool, AuKill, disables Endpoint Detection & Response (EDR) software for threat actors to launch BYOD attacks by deploying backdoors and ransomware on targeted systems. Sophos researchers witnessed the usage of AuKill in two incidents …
Researchers have recently found that the ICICI Bank systems misconfiguration caused data leakage, exposing more than 3.6 million customers’ sensitive data. ICICI Bank, a multinational Indian bank, operates in 15+ countries worldwide and boasts a …
A recent report from CISA (US Cybersecurity and Infrastructure Security Agency) revealed that the APT 28 group was responsible for exploiting Cisco routers with poor maintenance using CVE-2017-6742. CVE-2017-6742 Attack: Reconnaissance with RCE…
On April 18, 2023, Google released a new update for Chrome Desktop versions with security updates for actively exploited second Chrome zero-day vulnerability that allows attackers to execute an arbitrary code to take complete control of the system remo…
In 2022, NSO Group, the Israeli firm notorious for its spyware technology, reemerged with a slew of zero-click exploit chains designed for iOS 15 and iOS 16. These sophisticated chains of exploits, targeted at iPhones and iPads, were deployed aga…