InfoSecBulletin Cybersecurity for mankind
The new Astaroth Phishing Kit can bypass two-factor authentication to steal login credentials for Gmail, Yahoo, and Microsoft. It uses a reverse proxy, captures credentials in real-time, and hijacks sessions. The new phishing kit called Astaroth has been found on cybercrime networks by SlashNext threat researchers. Astaroth can bypass two-factor …
Read More »TimeLine Layout
February, 2025
-
13 February
CVE-2023-38831
Malware campaign target Bangladeshi Government Entities: Report
A sophisticated malware campaign is targeting military and government entities in Bangladesh. It uses social engineering to deliver malicious files disguised as official documents, aiming to infiltrate secure networks, steal credentials, and access sensitive systems. The attack starts with a WhatsApp message that forwards a file (like 508.rar) pretending to …
Read More » -
13 February
(CVE-2025-1146
CrowdStrike Fixed High-Severity TLS Vuln in Falcon Sensor
CrowdStrike has issued a security advisory for a serious TLS vulnerability, CVE-2025-1146, in its Falcon Sensor for Linux, Falcon Kubernetes Admission Controller, and Falcon Container Sensor. This vulnerability could enable man-in-the-middle (MiTM) attacks. CrowdStrike secures communications from the Falcon sensor to its cloud using standard TLS. However, a validation error …
Read More » -
13 February
CVE-2025-0108 & CVE-2025-0110
Palo Alto Networks Addressed High-Severity PAN-OS Vulns
Palo Alto Networks has issued advisories for two critical vulnerabilities in its PAN-OS. The vulnerabilities, CVE-2025-0108 and CVE-2025-0110, may enable attackers to bypass authentication and run arbitrary commands. CVE-2025-0108: Authentication Bypass Vulnerability A vulnerability in the PAN-OS management web interface (CVSSv3.1 score 7.8) allows unauthenticated attackers with network access to …
Read More » -
13 February
Update Now
Ivanti Patches 3 Critical Flaws in Connect Secure and Policy Secure
Ivanti has released security updates for Ivanti Connect Secure (ICS), Ivanti Policy Secure (IPS), and Ivanti Secure Access Client (ISAC) to fix several vulnerabilities, including three critical issues. The company discovered the flaws via its responsible disclosure program from CISA, Akamai, and the HackerOne bug bounty platform. Ivanti’s security bulletin …
Read More » -
12 February
This Adtech Company is Powering Surveillance of U.S. Military Personnel
Last year, a joint investigation revealed that a Florida-based data broker, Datastream Group, was selling highly sensitive location data that tracked United States (US) military and intelligence personnel overseas. However, at the time, the origin of that data remained unknown. Now, a letter sent to US senator Ron Wyden’s office …
Read More » -
12 February
Intel Patched 374 Vulnerabilities in multiple products
In 2024, Intel addressed a remarkable 374 vulnerabilities across its software, firmware, and hardware products, distributing bug bounty rewards for approximately half of these issues. Intel’s latest product security report reveals that the highest number of resolved bugs last year (272) were in utilities (146), drivers (68), applications (35), SDKs …
Read More » -
12 February
CVE-2025-24016
Critical RCE Vulnerability Discovered in Wazuh Server
Wazuh, a top provider of open-source security solutions, has released a critical security advisory for a remote code execution vulnerability (RCE) (CVE-2025-24016) with a CVSS score of 9.9. This flaw could enable attackers to take full control of affected Wazuh servers. Wazuh is a popular platform for threat prevention, detection, …
Read More » -
12 February
Microsoft 2025 February Patch Tuesday fixes 2 zero-days, 55 flaws
Microsoft’s February 2025 Patch Tuesday includes security updates for 55 vulnerabilities, including four zero-days, two of which are currently being exploited. This Patch Tuesday addresses three critical remote code execution vulnerabilities. The number of bugs in each vulnerability category is listed below: 19 Elevation of Privilege Vulnerabilities 2 Security Feature …
Read More » -
12 February
Patch Now
SonicWall firewall vuln allows hackers to hijack VPN sessions
Bishop Fox security researchers have released detailed information on the CVE-2024-53704 vulnerability, which lets attackers bypass authentication in some versions of the SonicOS SSLVPN application. On January 7, the vendor warned about the risk of exploitation of a flaw and advised administrators to upgrade their SonicOS firewalls’ firmware to fix …
Read More »