Hot Topics

Exploit

Facial Recognition Fail: How It Misidentified an Innocent Man

Critical SSH Vulnerability, Facial Recognition Flaws, How to Safely Dispose of Old Devices

| | arrest, Cyber Security, Cybersecurity, data, Data Privacy, Delete My Data, Detroit, Detroit Police, Digital Forensics, Digital Privacy, Episodes, Exploit, facial recognition, hard drive, HDD, Information Security, Infosec, Old Computer, Old PC, openssh, personal data, Podcast, Podcasts, Privacy, Qualys, RegreSSHion, Secure Wipe, security, SSH, technology, vulnerability, Weekly Edition, zero-day
In episode 337, we cover “broken” news about the new SSH vulnerability ‘regreSSHion‘ highlighting the vulnerability discovered in the OpenSSH protocol by Qualys and its implications. We then discuss the Detroit Police ...
Shared Security Podcast
Exploit creator selling 250+ reserved npm packages on Telegram

Exploit creator selling 250+ reserved npm packages on Telegram

| | Exploit, Malware Analysis, npm, Sonatype Repository Firewall, Vulnerabilities
Recently, the Sonatype Security Research team identified more than 250 npm packages which are lucrative and convincing exploits, because these are named exactly like the open source projects coming from Amazon Web ...
2024 Sonatype Blog

Google Pixel Firmware Zero-Day Flaw Exploited And Patched

| | CVE-2024-32896, Cybersecurity News, Exploit, Flaw Exploited, Google Pixel Firmware, new exploit
Google has recently issued a warning regarding a critical security flaw affecting Google Pixel Firmware, which has been actively exploited as a zero-day vulnerability. Identified as CVE-2024-32896, this high-severity issue involves an ...
TuxCare
Code 1

Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware

| | CVE 2024-4577, Exploit, imperva, Imperva Threat Research, reccomendations, Threat Research
Introduction Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, ...
Blog

GHOSTENGINE Exploit: Vulnerable Drivers Facing Attack

| | BYOVD, Command-and-Control (C2), Cryptojacking, Cyber Threats, Cybersecurity, Cybersecurity News, Elastic Security Labs, Endpoint Detection and Response (EDR), Exploit, GHOSTENGINE, Microsoft Defender Antivirus, persistence, PowerShell Script, security protocols, System Performance, vulnerability patching, Vulnerable drivers, XMRig miner
A recent revelation in the cybersecurity realm uncovers a concerning development dubbed GHOSTENGINE, a cryptojacking campaign employing a sophisticated method to bypass security measures. In this blog, we’ll look at the GHOSTENGINE ...
TuxCare

Gootloader Attacks Healthcare Down Under

| | AttackIQ Flex, cyberattack, Exploit, GootLoader, healthcare, social engineering
In the vast landscape of Australia, the healthcare sector faces mounting challenges in the realm of cybersecurity. Threat actors are increasingly setting their sights on healthcare institutions, exploiting vulnerabilities with cunning precision ...
AttackIQ

Response to ScreenConnect’s Recent Zero-day Vulnerability Exploitation

| | adversary emulation, Broad-Based Attacks, ConnectWise, Exploit, Ransomware, ScreenConnect, SlashAndGrab, zero-day
AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploits affecting ConnectWise’s ScreenConnect software. This assessment template comprises the various Tactics, Techniques, and Procedures (TTPs) ...
AttackIQ
Biggest iPhone Exploit Ever & Google's $5 Billion Dollar Settlement

Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App

| | api, Apple, Cyber Security, Cybersecurity, Data Privacy, Digital Privacy, Episodes, Exploit, google, Google Privacy Lawsuit, Information Security, Infosec, ios, iPhone, iPhone Exploit, Journal, Journaling, Mobile, Mobile App, New Year, Podcast, Podcasts, Privacy, security, technology, Weekly Edition
In this episode, we discuss the most sophisticated iPhone exploit ever, Google’s agreement to settle a $5 billion lawsuit about tracking users in ‘incognito’ mode, and a new iOS app, Journal. The ...
Shared Security Podcast
cybercrime, cybersecurity, information cybercriminals EO nation-state Developing Nations Cybercrime

Report Provides Rare Glimpse Into Industrialized World of Cybercriminals

| | cyberattack, cybercriminal gang, cybercriminals, Exploit, HP, Malware
HP, Inc. today published a report that revealed most cyberattacks are now being launched by individuals with limited technical expertise as the cybercriminal underworld becomes more industrialized. The report’s author, Alex Holland, ...
Security Boulevard
Meet the Administrators of the RSOCKS Proxy Botnet

Meet the Administrators of the RSOCKS Proxy Botnet

| | 79136334444, A Little Sunshine, Breadcrumbs, Constella Intelligence, Denis "Neo" Kloster, Exploit, Internet Advertising Omsk, [email protected], Ne'er-Do-Well News, RSOCKS botnet, RUSdot, SL MobPartners, Spamdot, Stanx, [email protected], U.S. Department of Justice, Verified
Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the "RSOCKS" botnet, a collection of millions of hacked devices that were sold as "proxies" to ...
Krebs on Security
Load more

Application Security Check Up