Sunday, February 23, 2025

Vulnerabilities

Barracuda fixes new ESG zero-day exploited by hackers

Barracuda fixed a zero-day bug on December 21. The bug was used by hackers known as UNC4841 to exploit Email Security Gateway (ESG) appliances. The company released additional security updates the following day for compromised ESG appliances that were attacked with SeaSpy and Saltwater malware. A security vulnerability was disclosed …

Draft emergency plan
China to enforce 10 min response time for data breaches

China proposed a four-tier classification to respond to data security incidents, showing its concern about data leaks and hacking in the country. The plan is due to increased tensions with the United States and its allies. It follows an incident where a hacker claimed to have gotten a large amount …

CERT-In
Warning! Govt alerts Samsung users; here’s why

The Indian government urgently asked Samsung smartphone users to update their devices due to security vulnerabilities. CERT-In issued a warning about a threat to certain Samsung devices running on Android versions 11, 12, 13, and 14. These vulnerabilities could be exploited to gain unauthorized access to sensitive data on these …

Sophos updated RCE fix after attacks on unsupported firewalls

Sophos had to update old firewall firmware versions due to a security vulnerability (CVE-2022-3236) after attacks by hackers. There is a code injection flaw in the User Portal and Webadmin of Sophos Firewall. This flaw allows for remote code execution.

process injection techniques
Bypassing major EDRs using “Pool Party”, Hackers revealed

Researchers at cybersecurity firm SafeBreach created a new method called Pool Party. This method allows attackers to bypass EDR solutions. The researchers presented Pool Party at Black Hat Europe 2023. The experts discovered a new way to inject processes by using Windows thread pools. Researchers found eight new process injection …

Apache fixed critical RCE flaw CVE-2023-50164 in Struts 2

The Apache Software Foundation fixed a critical file upload vulnerability in the Struts 2 open-source framework. This flaw, tracked as CVE-2023-50164, could allow remote code execution. An attacker can manipulate file upload parameters to upload a malicious file and execute code on the server. “An attacker can manipulate file upload …

Cyber attack on Sparrso; Hacker’s claim, Sparrso’s denial

A hacktivist group named “Team Network Nine” claimed a cyber attack on the Bangladesh Space Research and Remote Sensing Organization (SPARRSO). The group claimed that the December 1 attack resulted in Sparrso’s website being down for 1 hour. An Indian media outlet reported on the issue. According to the report, the hacktivist …

vulncheck report
15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack

15,000 Go module repositories on GitHub are vulnerable to repojacking attacks, according to new research. VulnCheck chief technology officer Jacob Baines shared a report with a renowned newspaper in which he said, “More than 9,000 repositories are vulnerable to repojacking due to GitHub username changes. More than 6,000 repositories were vulnerable to …

Blog post update
Microsoft warns of exploitation of critical Outlook vulnerability

Microsoft has found a group called Forest Blizzard (also known as STRONTIUM) in Russia using a security vulnerability called CVE-2023-23397 to get into email accounts on Exchange servers without permission. The Polish Cyber Command (DKWOC) is working with Microsoft to stop Forest Blizzard and prevent them from using their tricks. …

ShadowServer Foundation
About 20,000 Microsoft Exchange Servers at Risk of Cyberattacks

A large number of Microsoft Exchange email servers in Europe, the United States, and Asia are at risk because they are accessible on the public internet. These servers are using an old and unsupported version of the software, which makes them vulnerable to multiple security issues, including some that are …
