Sunday, February 23 2025

TimeLine Layout

April, 2024

  • 15 April

    Blackberry blogs
    “LightSpy” campaign targets Southern Asia, Possibly India

    The LightSpy mobile espionage campaign focuses on targets in Southern Asia and probably India, potentially indicating a renewed focus and growing tensions in the region. VirusTotal submissions from India suggest potential victims within its borders, aligning with recent warnings by Apple on detections within the same country. Technical Details: Infection …

  • 15 April

    Palo Alto Releases Urgent Fixes for PAN-OS Vulnerability

    Palo Alto Networks released hotfixes for a serious security flaw in PAN-OS software that is being actively exploited. The CVE-2024-3400 vulnerability has a critical CVSS score of 10.0. It is a command injection flaw in the GlobalProtect feature that allows an unauthenticated attacker to run any code with root privileges on …

  • 14 April

    Hackers Manipulate GitHub Search to Deliver Malware to developer

    Checkmarx researchers found that hackers are using GitHub search results to distribute long-lasting malware to developers’ computers. The attackers in this campaign create harmful repositories with popular names and topics. They use techniques like automated updates and fake stars to improve search rankings. “By leveraging GitHub Actions, the attackers automatically …

  • 13 April

    Google Cloud and Palo Alto Networks joins for Cloud-Native NGFW Service

    Google Cloud and Palo Alto Networks to announce the release of Google Cloud Next-Generation Firewall (NGFW) Enterprise. The managed firewall service, powered by Palo Alto Networks security technology, provides strong threat prevention features needed for cloud-based business operations. Google Cloud NGFW Enterprise provides advanced Layer 7 security features to protect …

  • 12 April

    ALERT
    Bitdefender Critical Vulns Let Attackers Gain Control Over System

    The Bitdefender GravityZone Update Server is vulnerable to server-side request forgery (SSRF) because of an incorrect regular expression. Bitdefender’s GravityZone: Bitdefender’s GravityZone Update Server has a critical vulnerability with a CVSS score of 8.1. It could allow an attacker remote network access to compromise the server with low privileges. Bitdefender …

  • 12 April

    ZERO DAY ALERT
    Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

    A critical zero-day vulnerability in Palo Alto Networks’ PAN-OS software is being used by attackers, but there are no patches to fix it yet. Palo Alto Networks issued an alert on April 12, 2024, thanking cybersecurity firm Volexity for discovering the flaw. There is a command injection vulnerability in …

  • 12 April

    CISA Opens Malware Analysis Tool For Public Use

    CISA has launched a new initiative, making its advanced malware analysis system, Malware Next-Gen, available to the public. Malware Next-Gen is a new and innovative way to find and fight against cyber threats and harmful software. This new platform allows governments, private organizations, security researchers, and individuals to submit malware …

  • 12 April

    PALO ALTO NETWORKS FIXED MULTIPLE DOS BUGS

    Palo Alto Networks released security updates for high-severity vulnerabilities in its PAN-OS operating system. The company fixed the following DoS vulnerabilities: CVE-2024-3385 – A vulnerability in the PAN-OS software of Palo Alto Networks allows remote attackers to reboot hardware firewalls. Continuous attacks can lead to a DoS situation by …

  • 12 April

    CISA immediately orders agencies to mitigate risk impacted by Microsoft hack

    CISA has ordered U.S. federal agencies to address risks from the breach of multiple Microsoft email accounts by the Russian APT29 hacking group. Emergency Directive 24-02 requires Federal Civilian Executive Branch (FCEB) agencies to investigate affected emails, reset any compromised credentials, and secure privileged Microsoft Azure accounts. CISA reports that …

  • 12 April

    ESET RESEARCH
    “eXotic” spyware espionage campaign targets India and Pakistan

    ESET researchers found a spying campaign targeting Android users. The campaign uses fake messaging apps that include XploitSPY malware. The campaign, called eXotic Visit, has been active from November 2021 to the end of 2023. Malicious Android apps were distributed through targeted campaigns using dedicated websites and the Google Play …
