Microsoft fixed two zero-day vulnerabilities in April 2024 Patch Tuesday, but they didn’t label them as such at first. CVE-2024-26234 is a vulnerability that involves a malicious driver being signed with a valid Microsoft Hardware Publisher Certificate. It was discovered by Sophos X-Ops in December 2023 and reported by team …
Read More »
Fortinet has released security updates for various products, including OS and FortiProxy, to fix vulnerabilities that could allow a cyber threat actor to take control of a system. CISA encourages users and administrators to take the following steps for enhanced security: FR-IR-23-345 FortiClientMac – Lack of configuration file validation: An …
Read More »
Data of over 7.5 million boAt customers is now on the dark web. This includes personal information like names, addresses, contact numbers, email IDs, and customer IDs. The attacker has released around 2GB of data on a forum. On April 5, a hacker named ShopifyGUY said they hacked the data …
Read More »
What Is Orbot? Orbot is a free app created by the Guardian Project. It helps protect your privacy by routing your internet traffic through the Tor network, which encrypts your data and conceals your online activity, keeping your identity and location private. How Does Orbot Work? Here’s a breakdown of …
Read More »
Vietnamese hackers are targeting businesses in Asia to get corporate credentials and financial data to sell online. Researchers at Cisco Talos found a group of hackers, known as CoralRaider, targeting India, China, South Korea, Bangladesh, Pakistan, Indonesia, and local entities with a specific type of malware. Talos believes that the …
Read More »
Germany is set to introduce a dedicated cyber branch in its military structure to counter the growing cyber threats. The German Cyber and Information Domain Service (CIR) will become the fourth independent branch of the country’s armed forces. “Like the army, air force and navy, it has responsibility for carrying …
Read More »
The HTTP/2 protocol has a vulnerability in the CONTINUATION frame that allows for denial-of-service (DoS) attacks. Security researcher Bartek Nowotarski named this technique HTTP/2 CONTINUATION Flood and reported it to the CERT Coordination Center (CERT/CC) on January 25, 2024. “Many HTTP/2 implementations do not properly limit or sanitize the amount …
Read More »
WhatsApp is currently experiencing a global outage. Users around the world are unable to connect to the messaging service since 2PM ET today. The problem seems to be affecting all 2 billion users of WhatsApp. WhatsApp does not have a status page. It is also not listed on Meta’s service …
Read More »
They were supposed to be under lock and key, in a secure storage room deep inside Europol’s headquarters in The Hague. But a clutch of highly sensitive files containing the personal information of top law enforcement executives went missing last summer. Europe’s law enforcement agency has been mired in a …
Read More »
A new version of JSOutProx has been detected by Resecurity. This version is targeting financial services and organizations in the APAC and MENA regions. JSOutProx is a sophisticated attack framework that uses both JavaScript and .NET to carry out its attacks. The malware allows for the loading of various plugins …
Read More »
InfoSecBulletin Cybersecurity for mankind
