The creators of Wireshark, Gerald Combs and Loris Degioanni, have unveiled Stratoshark, a groundbreaking tool designed to bring Wireshark’s renowned capabilities into the cloud era. Building on over 25 years of experience with Wireshark, which has become a staple for…
Tag: Cyber Security News
New Docker 1-Click RCE Attack Exploits Misconfigured API Settings
A newly disclosed attack method targeting Docker installations has raised significant security concerns among developers and system administrators. The vulnerability leverages a misconfigured Docker Engine API setting, allowing attackers to achieve remote code execution (RCE) with minimal user interaction. While…
New Phishing Campaign Mimic Amazon Prime Membership To Steal Credit Card Data
A sophisticated phishing campaign targeting Amazon Prime members has been uncovered, aiming to steal credit card information and other sensitive data. Cybersecurity experts have identified a complex attack chain that leverages PDF attachments, redirects, and cleverly crafted phishing sites to…
FortiOS Authentication Bypass Vulnerability Exploited to Gain Super-Admin Access
A critical zero-day vulnerability in Fortinet’s FortiOS and FortiProxy products tracked as CVE-2024-55591, has been actively exploited in the wild, allowing attackers to gain super-admin privileges. The flaw, which carries a CVSS score of 9.6, has raised significant concerns among…
Microsoft Announces Phishing Attack Protection for Teams Chat Starting February 2025
Microsoft has unveiled a new security feature for its popular collaboration platform, Microsoft Teams, to combat phishing attacks through brand impersonation in external chats. The feature, which will alert users to potential impersonation risks during initial contact from external domains,…
DeepSeek Hit by Large-Scale Cyber Attack, Temporarily Limits Registrations
DeepSeek, the Chinese AI startup that recently dethroned OpenAI’s ChatGPT as the top-rated free app on Apple’s App Store in the United States, announced it is facing a significant cyber attack, prompting the company to temporarily halt new user registrations.…
New Phishing Attack Using zero-width Characters to Bypass Security Filters
Cybercriminals are employing sophisticated strategies to bypass email security filters, creating phishing emails that are undetectable by utilizing HTML entities and zero-width characters. This new wave of attacks, dubbed “Shy Z-WASP,” combines zero-width joiners and soft hyphen entities to obfuscate…
Xerox Workplace Suite Vulnerability Let Attackers Bypass API Security
Xerox has released a critical security bulletin addressing multiple vulnerabilities in its Xerox Workplace Suite, a widely used print management server solution. These vulnerabilities, identified as CVE-2024-55925 through CVE-2024-55931, could allow attackers to bypass API security, manipulate headers, and exploit…
New Attack Abusing Multicast Poisoning for PreAuthenticated Kerberos Relay
A novel attack method leveraging multicast poisoning to execute pre-authenticated Kerberos relay attacks over HTTP. This technique, detailed by Quentin Roland of Synacktiv, combines legacy weaknesses in local name resolution protocols with advanced authentication relaying tools like Responder and krbrelayx.…
Burp Suite 2025.1 With New Intruder Options & Bug Fixes
PortSwigger has released Burp Suite 2025.1, introducing several new features and improvements aimed at enhancing the tool’s usability and efficiency for penetration testers. This update includes significant advancements in the Burp Intruder module, HTTP response analysis, and interaction management, alongside…
New Malware Campaign Using 7z & UltraVNC Tool To Deploy Malware
A sophisticated malware campaign has been uncovered, leveraging 7-Zip self-extracting archives and the UltraVNC remote access tool to target Russian-speaking entities. The operation, attributed to a threat actor dubbed GamaCopy, mimics tactics previously associated with the Kremlin-aligned Gamaredon group. The…
Threat Actors Weaponized XWorm RAT Builder To Attack Script Kiddies
A sophisticated attack campaign have been uncovered recently by the cybersecurity researchers at CloudSEK targeting aspiring hackers, commonly known as “script kiddies.” The operation involves a trojanized version of the XWorm Remote Access Trojan (RAT) builder, which has been weaponized…
Chrome Security Update – Memory Corruption & Access Vulnerabilities Patched
Google has rolled out a new Stable Channel Update for its Chrome browser, addressing critical security vulnerabilities that posed significant risks to users. The update, version 132.0.6834.110/111 for Windows and Mac and 132.0.6834.110 for Linux is being gradually deployed and…
New Phishing Framework Attacking Multiple Brands To Steal Customer Logins
A sophisticated new phishing framework dubbed “FlowerStorm” has emerged, targeting multiple brands simultaneously to steal customer login credentials. Cybersecurity researchers at CloudSEK have uncovered this alarming development, which poses a significant threat to organizations and consumers alike. FlowerStorm, active since…
SCAVY – Framework to Detect Memory Corruption in Linux Kernel for Privilege Escalation
Researchers have unveiled SCAVY, a novel framework designed to automate the discovery of memory corruption targets in the Linux kernel. This discovery aims to address critical gaps in the detection and prevention of privilege escalation exploits, which often leverage memory-corruption…
Apache Solr For Windows Vulnerability Allows Arbitrary Path write-access
A newly disclosed vulnerability in Apache Solr, identified as CVE-2024-52012, has raised concerns among users of the search platform, particularly those running instances on Windows systems. The flaw, categorized as a Relative Path Traversal vulnerability, allows attackers to gain arbitrary…
Critical Intel Trust Domain Extensions Isolation Vulnerability Exposes Sensitive Data
A team of researchers from the Indian Institute of Technology Kharagpur and Intel Corporation has uncovered a significant vulnerability in Intel’s Trust Domain Extensions (TDX) technology, potentially compromising the security of sensitive data in cloud computing environments. Intel TDX, introduced…
Windows Charset Conversion Feature Exploited to Execute Remote Code
Security researchers have uncovered a critical vulnerability in Windows stemming from its “Best-Fit” character conversion feature, which has been exploited to execute remote code. This newly identified attack surface, dubbed “WorstFit,” leverages certain features of Windows’ internal character encoding system…
Critical Fleet Server Vulnerability Exposes Sensitive Information
A critical vulnerability (CVE-2024-52975) has been identified in Elastic’s Fleet Server, posing a severe risk of sensitive information exposure. The flaw, affecting Fleet Server versions 8.13.0 through 8.15.0, allows sensitive data to be logged at the INFO and ERROR log…
Hackers Using RID Hijacking Technique To Create Secret Windows Admin Account
The North Korean-linked Andariel hacking group has been identified using a sophisticated attack campaign that employs the Relative Identifier (RID) technique to covertly create hidden administrator accounts on Windows systems. This deceptive technique enables attackers to avoid traditional detection measures…