The vulnerability arises from an unauthenticated buffer-related flaw in Citrix devices, which can be exploited to gain unrestricted access to the appliances and potentially hijack user accounts.
andresr/Getty Images NCC Group released its Threat Pulse for September, which detailed a shocking increase of 153% in September for ransomware attacks. According to the report, the following groups were listed in the number of attacks: LostTrust RansomedVC LockBit Clop As far as targets for ransomware, North America was once again at the top of […]
The attack involves the deployment of a trojanized version of the UTetris application, which acts as a loader for malware and facilitates the spread of the attack to potentially air-gapped systems.
Personal information of around 8,000 global employees, which was exposed in an alleged Decathlon data breach two years ago, has been shared on the dark web. According to a recent blog published by vpnMentor, an online hacker has shared the data from a previously reported breach, which affected Decathlon employees and customers worldwide. This revelation […]
The discontinuation of Internet Explorer, which came bundled with VBScript, eliminates a prevalent infection vector used by threat actors to distribute malware on Windows systems.
Biotechnology company 23andMe, which offers genetic testing and genealogy services, has announced that it was the victim of a data breach following a credential stuffing attack. The cyber attack appeared to be targeting users with Ashkenazi Jewish heritage. The cyber attack was made public on October 6 via a post on 23andMe’s website. In the […]
Oct 04, 2023NewsroomCloud Security / Cyber Threat Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through an SQL Server instance. “The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment,” security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen […]
The vulnerability, which affects CER version 12.5(1)SU4, could be exploited to execute arbitrary commands as the root user. Admins are urged to update their vulnerable installations promptly, as there are no temporary workarounds available.
Oct 04, 2023THNCloud Security / Cyber Threat Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through a SQL Server instance. “The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment,” security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen […]