Tag
Debian Linux Security Advisory 5786-1 - Integer overflows flaws were discovered in the Compound Document Binary File format parser of libgsf, the GNOME Project G Structured File Library, which could result in the execution of arbitrary code if a specially crafted file is processed.
Critical security vulnerabilities exposed in DrayTek Vigor routers: Discover how to protect your network from these serious flaws.…
A foreign government is believed to have hacked into the Dutch police force’s systems, exposing the contact details…
DoJ and Microsoft seized over 100 sites used by Russian hackers for phishing campaigns targeting the U.S. The…
It's North Korea versus Cambodia, with Windows default settings and sheer patience allowing the bad guys to avoid easy detection.
Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries. The activity, dubbed SHROUDED#SLEEP by Securonix, is believed to be the handiwork of APT37, which is also known as InkySquid, Reaper, RedEyes, Ricochet Chollima,
October 3.6.30 allows an authenticated admin account to upload a PDF file containing malicious JavaScript into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted JavaScript to the target.
Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack.
Dynamic malware analysis is a key part of any threat investigation. It involves executing a sample of a malicious program in the isolated environment of a malware sandbox to monitor its behavior and gather actionable indicators. Effective analysis must be fast, in-depth, and precise. These five tools will help you achieve it with ease. 1. Interactivity Having the ability to interact with the
The threat actors behind the Rhadamanthys information stealer have added new advanced features to the malware, including using artificial intelligence (AI) for optical character recognition (OCR) as part of what's called "Seed Phrase Image Recognition." "This allows Rhadamanthys to extract cryptocurrency wallet seed phrases from images, making it a highly potent threat for anyone dealing in