More results...
Recently, a new attack campaign has been discovered by the cybersecurity researchers at Aqua Security that exploits Kubernetes RBAC to assemble backdoors and mine cryptocurrency like Monero. Kubernetes API access control system known as RBAC enables ad…
Two new critical flaws have been found in Alibaba Cloud’s popular services, ApsaraDB and AnalyticDB. Both of them were in support of PostgreSQL. Wiz security research team has termed this vulnerability as #BrokenSesame. One of these vulnerabilities pe…
A new hacking tool, AuKill, disables Endpoint Detection & Response (EDR) software for threat actors to launch BYOD attacks by deploying backdoors and ransomware on targeted systems. Sophos researchers witnessed the usage of AuKill in two incidents …
Researchers have recently found that the ICICI Bank systems misconfiguration caused data leakage, exposing more than 3.6 million customers’ sensitive data. ICICI Bank, a multinational Indian bank, operates in 15+ countries worldwide and boasts a …
A recent report from CISA (US Cybersecurity and Infrastructure Security Agency) revealed that the APT 28 group was responsible for exploiting Cisco routers with poor maintenance using CVE-2017-6742. CVE-2017-6742 Attack: Reconnaissance with RCE…
On April 18, 2023, Google released a new update for Chrome Desktop versions with security updates for actively exploited second Chrome zero-day vulnerability that allows attackers to execute an arbitrary code to take complete control of the system remo…
The X-Force team at IBM has recently found a new malware family known as “Domino,” made by ITG14, aka FIN7, a notorious group of cyber criminals. ITG23, a Trickbot/Conti gang monitored by X-Force, has been deploying the newly discovered mal…
An independent security analyst and bug hunter, Nagli (@naglinagli), recently uncovered a critical security vulnerability in ChatGPT that allow attackers to easily exploit the vulnerability and gain complete control of any ChatGPT user’s account. Chat…
Researchers at ESET found that hardware on resale in the market consisted of highly confidential information such as IPsec or VPN credentials, hashed root passwords, and much more. Second-Hand sales of computing equipment have been in place ever since …
Recent car thefts have involved technology concealed inside outdated Nokia phones and Bluetooth speakers. This brand-new type of car theft is becoming more prevalent in the US. Criminals use tiny gadgets to interface with the car’s control system…