The Apache Software Foundation has issued urgent patches for multiple high-severity vulnerabilities in Apache Traffic Server (ATS), its enterprise-grade caching proxy server. Four distinct flaws (CVE-2024-38311, CVE-2024-56195, CVE-2024-56196, and CVE-2024-56202) enable threat actors to execute request smuggling attacks, bypass access…
Akira Ransomware Attacking Windows Server via RDP & Evades EDR Using Webcam
A sophisticated ransomware group called Akira has been responsible for approximately 15% of cybersecurity incidents in 2024. The threat actor has deployed novel techniques to bypass security defenses, most notably by exploiting unsecured webcams to circumvent Endpoint Detection and Response…
Im Ernstfall sicher im Schutzraum
Schutzräume in Deutschland sind rar und nicht einsatzbereit. Deshalb steht Nachrüstung im Raum. Hierfür ist eine Tür oder ein Tor ein zentrales Sicherheitselement, das einen Schutzraum wirksam macht. Dieser Artikel wurde indexiert von Newsfeed Lesen Sie den originalen Artikel: Im…
Shellcode Encoded in UUIDs, (Mon, Mar 10th)
I returned from another FOR610[1] class last week in London. One key tip I give to my students is to keep an eye on “strange” API calls. In the Windows ecosystem, Microsoft offers tons of API calls to developers. The…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
Malwarebytes Premium Security awarded “Product of the Year” from AVLab
Malwarebytes Premium Security has once again been awarded “Product of the Year” after successfully blocking 100% of “in-the-wild” malware samples. This article has been indexed from Malwarebytes Read the original article: Malwarebytes Premium Security awarded “Product of the Year” from…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
WinDbg Vulnerability Allows Attackers to Execute Remote Code
Microsoft recently disclosed a critical vulnerability impacting its debugging tool, WinDbg, and associated .NET packages. Tracked CVE-2025-24043, this flaw allows remote code execution (RCE) due to improper cryptographic signature verification in the SOS debugging extension. According to Github’s Post, Developers…
Commvault Webserver Vulnerability Let Attackers Compromise Webserver
Commvault, a global leader in enterprise data protection and management solutions, has urgently patched a high-severity webserver vulnerability that enables attackers to compromise systems by creating and executing malicious webshells. The flaw affects multiple versions of Commvault’s software across Linux…
Microsoft WinDbg RCE Vulnerability Let Attackers Execute Arbitrary Code Remotely
A high-severity vulnerability CVE-2025-24043, remote code execution (RCE) through improper cryptographic signature validation in the SOS debugging extension. The vulnerability affects critical .NET diagnostic packages including dotnet-sos, dotnet-dump, and dotnet-debugger-extensions, which are integral to .NET Core application debugging workflows. According…
1 Million Devices Infected by Malwares Hosted on GitHub, Microsoft Warns
Microsoft Threat Intelligence detected a large-scale malvertising campaign in early December 2024 that infected nearly one million devices globally in an opportunistic attack designed to steal information. The campaign impacted a wide range of organizations and industries, affecting both consumer…
Strap in, get ready for more Rust drivers in Linux kernel
Likening memory safety bugs to smallpox may not soothe sensitive C coders Rust is alive and well in the Linux kernel and is expected to translate into noticeable benefits shortly, though its integration with the largely C-oriented codebase still looks…
Trump Administration and the Russian Cyber Threat, Firefox Privacy Changes
In this episode, we discuss whether the Trump administration ordered the U.S. Cyber Command and CISA to stand down on the Russian cyber threat. We also touch on the Canadian tariff situation with insights from Scott Wright. Additionally, we discuss…
GUEST ESSAY: Four essential strategies to bolster cyber resilience in critical infrastructure
In 2023, victims reported nearly 900,000 cybercrime complaints to the FBI. Altogether, losses eclipsed $12.5 billion — a significant 22% increase from the losses in 2022. Related: Closing the resiliency gap Unsurprisingly, experts predict this trend will continue to grow…
ONCD consolidates power, undocumented Bluetooth commands, Japan NTT Breach
ONCD set to consolidate power in U.S. cyber Undocumented commands found in Bluetooth chip used by a billion devices Japanese telecom NTT breach affects 18,000 companies Huge thanks to our sponsor, Vanta Do you know the status of your compliance…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…
Thinkware Dashcam Vulnerability Leaks Credentials to Attackers
A series of significant security vulnerabilities have been discovered in the Thinkware Dashcam, specifically the F800 Pro model, which could pose serious risks to users’ privacy and security. These issues include unauthorized access to sensitive data, denial of service, and…
Hackers Leveraging Compromised Email Server To Send Fraudulent Emails
In a sophisticated business email compromise (BEC) attack recently uncovered by Trend Micro Managed XDR team, threat actors exploited a compromised third-party email server to conduct fraudulent financial transactions between business partners. The scheme, which unfolded over several days, involved…
Popular Python Library Vulnerability Exposes 43 million Installations to Code Execution Attacks
A recently disclosed vulnerability in the widely used Python JSON Logger library has exposed an estimated 43 million installations to potential remote code execution (RCE) attacks through a dependency chain flaw. Tracked as GHSA-wmxh-pxcx-9w24 and scoring 8.8/10 on the CVSS…
Notorious Black Basta Tactics, Techniques and Procedures Uncovered From Leak
A significant leak of internal chat logs from the Black Basta ransomware group has provided cybersecurity researchers with unprecedented insight into their operations. A Telegram user named ExploitWhispers unveiled the leak contained approximately 200,000 chat messages dated between September 2023…
Hackers Using Advanced Social Engineering Techniques With Phishing Attacks
Cybercriminals are advancing beyond rudimentary phishing attempts, adopting sophisticated social engineering strategies that build relationships with targets before delivering malicious payloads. ESET’s APT Activity Report shows that the North Korea-aligned threat actors have significantly refined their tactics, making traditional security…
March 2025 Patch Tuesday forecast: A return to normalcy
The February Patch Tuesday updates and activity during the month marked a return to normalcy for patch management. Following the January updates addressing 100+ vulnerabilities, we saw 37 CVEs fixed in Windows 11 and 33 CVEs in Windows 10. This…
Anzeige: IT-Sicherheitskompetenz für Sysadmins
Die zunehmenden Cyberangriffe stellen Unternehmen vor immer größere Herausforderungen. Ein maßgeschneiderter Intensivworkshop vermittelt Sysadmins das notwendige Wissen, um ihre IT-Systeme effektiv zu schützen. (Golem Karrierewelt, Sicherheitslücke) Dieser Artikel wurde indexiert von Golem.de – Security Lesen Sie den originalen Artikel: Anzeige:…
Navigating AI 🤝 Fighting Skynet
Using AI can be a great tool for adversarial engineering. This was just a bit of fun to see if it was possible todo and to learn more about automation but also proving you cannot trust git commit history nor…