Zyxel patches two critical vulnerabilities
Zyxell has released a security advisory for multiple buffer overflow vulnerabilities. Exploitation of these vulnerabilities could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on the affected Zyxell firewalls. Affected users should patch as a matter of urgency, and we urge you not to expose the management interfaces […]
Gaming Firms and Community Members Hit by Dark Frost Botnet
By Deeba Ahmed According to researchers, the most prominent targets of Dark Frost include gaming companies, online streaming services, game server hosting providers, and gaming community members. This is a post from HackRead.com Read the original post: Gaming Firms and Community Members Hit by Dark Frost Botnet
Mirai Malware Hits Zyxel Devices After Command Injection Bug
By Deeba Ahmed A variant of the Mirai botnet is targeting Zyxel Firewalls after exploiting a newly patched operating system command injection vulnerability. This is a post from HackRead.com Read the original post: Mirai Malware Hits Zyxel Devices After Command Injection Bug
Severe Flaw in Google Cloud’s Cloud SQL Service Exposed Confidential Data
A new security flaw has been disclosed in the Google Cloud Platform’s (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data. “The vulnerability could have enabled a malicious actor to escalate from a basic Cloud SQL user to a full-fledged sysadmin on a container, gaining access to internal GCP […]
Predator Android Spyware: Researchers Sound the Alarm on Alarming Capabilities
Security researchers have shared a deep dive into the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google’s Threat Analysis Group (TAG) in May 2022 as part of attacks leveraging five different zero-day flaws in the Chrome web browser and Android. The spyware, which is […]
5 Must-Know Facts about 5G Network Security and Its Cloud Benefits
5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud infrastructure. 5G networks are a critical part of all infrastructure layers between the end user and the end service; these networks transmit sensitive data that […]
New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids
A new strain of malicious software that’s engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it was uploaded to a public malware scanning utility in December 2021 by a submitter in Russia. There is no evidence that it has been put […]
Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances
Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company’s Email Security Gateway (ESG) appliances. The zero-day is being tracked as CVE-2023-2868 and has been described as a remote code injection vulnerability affecting versions 5.1.3.001 through 9.2.0.006. The California-headquartered firm
“Beautiful Cookie Consent Banner” WordPress plugin vulnerability: Update now!
WordPress plugins are under fire once more, and you’re advised to update your version of Beautiful Cookie Consent Banner as soon as possible. The plugin, which is installed on more than 40,000 sites, has been impacted by a “bizarre campaign” being actively used since at least February 5 of this year. The plugin is designed […]
Operation Magalenha: Brazilian Hackers Hit Portuguese Banks in Malware Attack
By Waqas SentinelLabs has uncovered a malware campaign in which Brazilian hackers are targeting Portuguese banks for monetary gains. This is a post from HackRead.com Read the original post: Operation Magalenha: Brazilian Hackers Hit Portuguese Banks in Malware Attack