More results...
Sandworm, a hacking group based in Russia, has been associated with an attack on Ukrainian state networks. In these attacks, WinRAR is used to destroy the data present on government devices. The report on this attack comes as threat actors based in Rus…
VulnCheck researchers devised a new exploit for a recently disclosed critical flaw in PaperCut servers that bypasses all current detections. Cybersecurity researchers from VulnCheck have developed a new exploit for the recently disclosed critical flaw in PaperCut servers, tracked as CVE-2023-27350 (CVSS score: 9.8), that bypasses all current detections. The CVE-2023-27350 flaw is a PaperCut MF/NG Improper Access […]
The post Experts devised a new exploit for the PaperCut flaw that can bypass all current detection appeared first on Security Affairs.
Five years ago, security researcher Fernandez Ezequiel discovered a vulnerability (CVE-2018-9995) in many digital video recorder (DVR) brands and released a tool for exploiting it. The vulnerability is still being exploited in the wild, FortiGuard Labs…
Domain security firm InfoBlox discovered a command-and-control exploit that, while extremely rare and complex, could be a warning growl from a new, as-yet anonymous state actor.
The post InfoBlox discovers rare Decoy Dog C2 exploit appeared first on Te…
A recent report has revealed how a vulnerability affecting Service Location Protocol (SLP) can be exploited to launch massive distributed denial-of-service (DDoS) attacks against targets. The security vulnerability has a high severity score. New SLP vu…
If you have the product, but you haven’t patched – well, the crooks have now landed, so please don’t delay. Do it today…
An unauthenticated RCE flaw (CVE-2023-27350) in widely-used PaperCut MF and NG print management software is being exploited by attackers to take over vulnerable application servers, and now there’s a public PoC exploit. About the vulnerability Ac…
The North Korean hacking group, Lazarus, was attributed to the hacking campaign against 3CX. However, it appears as if the supply chain attack on 3CX was just one of the many exploits conducted by the group. The hackers also targeted the power and ener…
North Korean hackers gained unauthorized access to a software company claiming to have hundreds of thousands of customers globally. The attack on the 3CX software company highlighted the advanced hacking capabilities of North Korea. North Korean hacker…
Citizen Lab reported that Israeli surveillance firm NSO Group used at least three iOS zero-click exploits in 2022. A new report from Citizen Lab states that the Israeli surveillance firm NSO Group used at least three zero-click zero-day exploits to deliver its Pegasus spyware. In 2022, the Citizen Lab analyzed the NSO Group activity after finding […]
The post PWNYOURHOME, FINDMYPWN, LATENTIMAGE: 3 iOS Zero-Click exploits used by NSO Group in 2022 appeared first on Security Affairs.