privilege
-
Cloud Misconfigurations – A Leading Cause of Data Breaches
Cloud computing has transformed the way organizations operate, offering unprecedented scalability, flexibility, and cost savings. However, this rapid shift to…
Read More » -
Kibana Releases Security Patch to Fix Code Injection Vulnerability
Elastic, the company behind Kibana, has released critical security updates to address a high-severity vulnerability identified as CVE-2024-12556. The flaw,…
Read More » -
Hack The box “Ghost” Challenge Cracked
Cybersecurity researcher “0xdf” has cracked the “Ghost” challenge on Hack The Box (HTB), a premier platform for honing penetration testing…
Read More » -
Google Cloud Platform Vulnerability Exposes Sensitive Data to Attackers
A privilege escalation vulnerability in Google Cloud Platform (GCP), dubbed “ImageRunner,” was recently discovered and fixed. The flaw, which Tenable…
Read More » -
RansomHub Affiliate Deploys New Custom Backdoor “Betruger” for Persistent Access
Symantec’s Threat Hunter team has identified a sophisticated custom backdoor named “Betruger” linked to a RansomHub affiliate. This newly discovered…
Read More » -
Lazarus Group Weaponizes IIS Servers for Deploying Malicious ASP Web Shells
The notorious Lazarus group has been identified as leveraging compromised IIS servers to deploy malicious ASP web shells. These sophisticated…
Read More » -
Implementing Identity First Security for Zero Trust Architectures
Zero Trust is a security framework that operates under the assumption that no implicit trust exists within a network. Every…
Read More » -
Lotus Blossom Hacker Group Uses Dropbox, Twitter, and Zimbra for C2 Communications
The Lotus Blossom hacker group, also known as Spring Dragon, Billbug, or Thrip, has been identified leveraging legitimate cloud services…
Read More » -
Google’s SafetyCore App Secretly Scans All Photos on Android Devices
Recent revelations about Google’s SafetyCore app have ignited a firestorm of privacy debates, echoing Apple’s recent controversy over photo scanning.…
Read More » -
GitLab Vulnerabilities Allow Attackers to Bypass Security and Run Arbitrary Scripts
GitLab has urgently released security updates to address multiple high-severity vulnerabilities in its platform that could allow attackers to bypass…
Read More » -
MITRE Releases OCCULT Framework to Address AI Security Challenges
MITRE has unveiled the Offensive Cyber Capability Unified LLM Testing (OCCULT) framework, a groundbreaking methodology designed to evaluate risks posed…
Read More » -
PoC Exploit Released for Ivanti EPM Vulnerabilities
A recent investigation into Ivanti Endpoint Manager (EPM) has uncovered four critical vulnerabilities that could allow unauthenticated attackers to exploit…
Read More » -
61 Vulnerabilities Including 25 RCE’s Fixed
Microsoft has released its highly anticipated Patch Tuesday security updates for February 2025, addressing a wide range of vulnerabilities across…
Read More » -
Hackers Can Exploit GPU Flaws to Gain Full Control of Your Device
Several critical vulnerabilities affecting Mali Graphics Processing Units (GPUs) have surfaced, allowing hackers to exploit flaws in GPU drivers to…
Read More » -
Hackers Exploiting DNS Poisoning to Compromise Active Directory Environments
A groundbreaking technique for Kerberos relaying over HTTP, leveraging multicast poisoning, has been recently detailed by cybersecurity researchers. Introduced by…
Read More » -
CISA Releases Six ICS Advisories Details Security Issues
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued six Industrial Control Systems (ICS) advisories addressing vulnerabilities in a range…
Read More » -
PoC Exploit Released for Ivanti Connect Secure RCE Vulnerability
A serious security flaw has been identified in Ivanti Connect Secure, designated as CVE-2025-0282, which enables remote unauthenticated attackers to execute…
Read More » -
Critical macOS Vulnerability Lets Hackers to Bypass Apple’s System Integrity Protection
Microsoft Threat Intelligence has uncovered a critical macOS vulnerability that allowed attackers to bypass Apple’s System Integrity Protection (SIP). Known…
Read More » -
New NonEuclid RAT Evades Antivirus and Encrypts Critical Files
A NonEuclid sophisticated C# Remote Access Trojan (RAT) designed for the.NET Framework 4.8 has been shown to pose a significant…
Read More »