Thursday , April 24 2025

infosecbulletin

Hacker to use fake Palo Alto GlobalProtect Tool in cyber attack

Flow chart

Trend Micro researchers identified a sophisticated malware campaign that aims at Middle East organizations. The campaign tricks victims into infecting their devices by pretending to be a real Palo Alto GlobalProtect VPN client. The attack begins with the distribution of a malicious file named “setup.exe,” which masquerades as a legitimate …

Read More »

Mirai Botnet Exploits Zero-Day Vulnerability CVE-2024-7029

IOT

Akamai’s Security Intelligence Response Team (SIRT) found a large Mirai botnet campaign that is using a new zero-day vulnerability (CVE-2024-7029) in AVTECH IP cameras. The vulnerability, which allows for remote code execution, has been leveraged to propagate a Mirai variant dubbed “Corona,” raising significant concerns about critical infrastructure security. CVE-2024-7029 …

Read More »

Google Cloud Leak Exposed Data of 83,000 Shark Tank Contestant

bucket

A Google Cloud Storage bucket linked to Alice’s Table, a Shark Tank contestant offering virtual floral arrangement classes, has leaked personal data of over 83,000 customers. Cybernews and Cyble researchers found a misconfigured cloud bucket while investigating. Researchers found that the Google bucket belonged to Alice’s Table, a company founded …

Read More »

CVE-2024-38856
CISA Issues Alert for Actively Exploited Apache OFBiz Vulnerability

coding

CISA issued a warning about a security flaw in Apache OFBiz, an ERP system. The vulnerability is being actively exploited and has been added to CISA’s Known Exploited Vulnerabilities catalog as CVE-2024-38856. CVE-2024-38856 is a serious security flaw in Apache OFBiz. It allows attackers to run code on a remote …

Read More »

Chinese Volt Typhoon hackers exploited Versa zero-day breaching ISPs, MSPs

camera

Lumen Technologies’ malware hunters have discovered Chinese APT group Volt Typhoon using a new zero-day exploit in Versa Director servers. They used this exploit to steal credentials and gain unauthorized access to the networks of downstream customers. CVE-2024-39717 is a serious vulnerability that CISA added to their must-patch list after …

Read More »

NSA Unveils Best Practices for Event Log & Threat Detection – 2024

NSA

NSA has released Best Practices for Event Logging and Threat Detection to make sure important systems keep working. These practices apply to cloud services, enterprise networks, mobile devices, and operational technology networks. The Cybersecurity Information Sheet (CSI) was created with international co-authors, including the Australian Signals Directorate’s Australian Cyber Security …

Read More »

Infosecbulletin’s malware newsletter August

hacker

The Malware newsletter from Infosecbulletin features the top articles and research on malware from around the world. The “Mad Liberator” ransomware group leverages social-engineering moves to watch out for Best Laid Plans: TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset TodoSwift Disguises Malware Download Behind …

Read More »

Patch Now! Dell Power Manager Vulnerability Allow Unauthorized Access

DELL

Dell Technologies identified a security vulnerability in Dell Power Manager (DPM), in versions 3.15.0 and older. The vulnerability, named CVE-2024-39576, allows a low-privileged attacker with local access to execute code and gain higher privileges. Vulnerability Details: Lefteris Panos from LRQA Nettitude found the vulnerability in Dell Power Manager. This vulnerability …

Read More »