Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available Pierluigi Paganini April 18, 2024 Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Management Controller (IMC) vulnerability and is aware of a public exploit […]
A recent analysis by Cyble has revealed a concerning escalation in the fake e-shop campaign, signaling a looming threat to banking security across various regions. Initially focused on Malaysian banks, this e-shop phishing campaign has now extended its reach to financial institutions in Vietnam and Myanmar. What sets this phishing campaign apart from others on […]
A recent Unit 42 investigation revealed a dual privilege escalation chain impacting Google Kubernetes Engine (GKE). This exploit chain arises from specific misconfigurations in GKE’s FluentBit logging agent and Anthos Service Mesh (ASM). When combined, these issues could provide attackers with existing Kubernetes cluster access an opportunity to escalate privileges. Kubernetes, a widely adopted open-source […]
Check Point’s Harmony Email team has reported a dramatic escalation in QR code phishing attacks (aka quishing), with a 587% spike recorded from August to September 2023. This surge reflects a troubling trend as threat actors increasingly employ the attack tactic to compromise user credentials. What’s happening? The attacks, predominantly quishing and QRLJacking, involve QR […]
Several hacker groups have joined in on the Israel-Hamas conflict escalation that started over the weekend after the Palestinian militant group launched a major attack. Hamas launched an unprecedented attack on Israel out of Gaza, firing thousands of rockets and sending its fighters to the southern part of the country. In response, Israel declared war […]