Tag: security
Hackers are already attacking this Microsoft SharePoint vulnerability, so patch now
The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new Microsoft Sharepoint Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog, signaling that hackers have begun exploiting it in the wild. The vulnerability is tracked as CVE-2023-24955, and carries a severity score of 7.2. It is described as…
Read More
With just $700 and a Raspberry Pi — you too can become a cybercriminal
Everyone’s favourite single-board microcomputer, the Raspberry Pi, just got sinister, as cybercriminals have been spotted selling software for the devices catering to inexperienced criminals looking to dabble in financial crime. Don’t try this at home, obviously, but the ‘GEOBOX’ software, with proxy and network traffic routing capabilities, is being sold…
Read More
Ray framework flaw exploited for hackers to breach servers
The Ray framework, an open source tool for AI and Python workload scaling, is vulnerable to half a dozen flaws that allow hackers to hijack the devices and steal sensitive data. This is according to cybersecurity researchers from Oligo, who published their findings on a new hacking campaign they dubbed…
Read More
Watch out — that free Android VPN app could hijack your device
Almost two dozen free Android VPN apps were actually turning host devices into residential proxies, researchers have revealed announced. All of the apps were subsequently removed from the Play Store, with some making a comeback after cleaning up their code. Cybersecurity researchers from HUMAN’s Satori Intelligence Team recently discovered a…
Read More
Thousands of Asus routers taken over by malware to form new proxy service
Thousands of old, outdated Asus routers are being targeted by a new version of “TheMoon” malware botnet, turning them into a network of devices used by a criminal residential proxy service. Researchers from Black Lotus Labs claim the campaign started in early March 2024 and within 72 hours, compromised roughly…
Read More
Google reveals the nastiest zero-days it tracked this year
The number of zero-day vulnerabilities exploited in the wild continued on an upward trajectory in 2023, posing a worrying question for businesses and consumers alike, new research from Google‘s security experts has claimed. A new report from Mandiant and Google’s own Threat Analysis Group (TAG) analyzed the zero-day landscape, noting…
Read More