New stealthy techniques let hackers gain Windows SYSTEM privileges
Security researchers have released NoFilter, a tool that abuses the Windows Filtering Platform to elevate a user's privileges to increases...
threatintel
Discord starts notifying users affected by March data breach
Starting on Monday, Discord has been reaching out to users affected by a data breach disclosed earlier this year to...
Over 3,000 Openfire servers vulnerable to takover attacks
Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user...
Duolingo – 2,676,696 breached accounts
HIBP In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained...
US-CERT Vulnerability Summary for the Week of August 14, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infofoldingathome -- client_advanced_controlAn issue was discovered in FoldingAtHome Client Advanced Control GUI...
Evil QR – Proof-of-concept To Demonstrate Dynamic QR Swap Phishing Attacks In Practice
Toolkit demonstrating another approach of a QRLJacking attack, allowing to perform remote account takeover, through sign-in QR code phishing. It...
North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to...
Meta Set to Enable Default End-to-End Encryption on Messenger by Year End
Meta has once again reaffirmed its plans to roll out support for end-to-end encryption (E2EE) by default for one-to-one friends...
Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead
Developers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11,...
Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware
A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs...
Spacecolon Toolset Fuels Global Surge in Scarab Ransomware Attacks
A malicious toolset dubbed Spacecolon is being deployed as part of an ongoing campaign to spread variants of the Scarab...
Over a Dozen Malicious npm Packages Target Roblox Game Developers
More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on August 17, 2023. These...
CISA: Atlassian Releases Security Update for Confluence Server and Data Center
Atlassian Releases Security Update for Confluence Server and Data Center Atlassian has released its security bulletin for August 2023 to...
CISA: CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan
CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan Today, CISA released the Remote Monitoring and Management (RMM)...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA, NSA, and NIST Publish Factsheet on Quantum Readiness
CISA, NSA, and NIST Publish Factsheet on Quantum Readiness Today, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency...
CISA: Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS
Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS Juniper has released a security advisory to address vulnerabilities in...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on August 22, 2023. These...
Carderbee hacking group hits Hong Kong orgs in supply chain attack
Image: Midjourney A previously unidentified APT hacking group named 'Carderbee' was observed attacking organizations in Hong Kong and other regions...
New HiatusRAT malware attacks target US Defense Department
In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in...
