Your cart is currently empty!
Author: Omar
Microsoft Streaming bug is being exploited in malware attacks, according to the CISA.
Federal Civilian Executive Branch (FCEB ) organizations in the United States were required to secure their Windows systems against a Microsoft Streaming Service ( MSKSSRV ) high-stakes vulnerability. SYS) that is actively used in attacks. Untrusted pointer dereference, which enables local attackers to gain SYSTEM privileges in low-complexity attacks that do n’t require user interaction,…
With over 180 000 users, Germany defeats the cybercrime market.
Crimemarket, a massive German-language illicit trading platform with over 180, 000 users, has been seized by the Düsseldorf Police in Germany, where six people have been detained, including one of its owners. The country’s largest cybercrime market, known as Crimemarket, served as a hub for the sale of illegal drugs, narcotics, and cybercrime services, as…
Germany overthrows the nation’s largest cybercrime market, making 6 arrests.
The Düsseldorf Police in Germany have seized Crimemarket, the largest German-speaking illicit trading platform on the internet, arresting six people, including one of its operators. Crimemarket was a hub for trading illegal drugs, narcotics, and cybercrime services, while it also hosted tutorials/guides for conducting various crimes. This law enforcement action resulted from years of investigations and…
Outlook clients syncing over Exchange ActiveSync is fixed by Microsoft.
Microsoft fixed a bug that prevented some Microsoft 365 users from using Exchange ActiveSync to connect to email servers. Users can access their email, calendar, contacts, and tasks using Microsoft Exchange’s Exchange ActiveSync ( EAS ), a synchronization protocol. To communicate and synchronize data between the Exchange server and mobile devices, EAS uses HTTP and…
When Microsoft pulls the Edge update, Out of Memory and ' crashes.
Users who reported experiencing” Out of memory” errors while browsing the web or accessing the browser settings reported Microsoft Edge 122. 0. 2365. 63 update. Users soon reported across multiple websites that the browser was repeatedly crashing with memory errors after Microsoft  released Edge 122.0.2365.63  yesterday. One of our readers, who claimed the issue affected…
Iran is charged with hacking defense organizations, and the United States offers$ 10 million in information.
Alireza Shafie Nasab, a 39-year-old Iranian national, was charged with participating in a cyber-espionage plot that targeted American government and defense entities, according to the U. S. Department of Justice ( DoJ). Over a dozen American organizations, including the Departments of State and the Treasury, various defense contractors, and New York-based accounting and hospitality firms,…
SMS and voice calls to ad-targeted cryptocurrency users are leveraged by the new phishing kit.
Mar 01, 2024NewsroomPhishing Kit / Cryptocurrency A novel phishing kit has been observed impersonating the login pages of well- known cryptocurrency services as part of an attack cluster designed to primarily target mobile devices. ” This kit enables attackers to build carbon copies of single sign- on ( SSO ) pages, then use a combination…
4 instructive postmortems on data loss and downtime
More than a decade ago, the concept of the ‘blameless’ postmortem changed how tech companies recognize failures at scale. John Allspaw, who coined the term during his tenure at Etsy, argued postmortems were all about controlling our natural reaction to an incident, which is to point fingers: “One option is to assume the single cause…
Using a false VMware domain to evade a new BIFROSE Linux malware variant
Mar 01, 2024NewsroomLinux / Cyber Threat Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. “This latest version of Bifrost aims to bypass security measures and compromise targeted systems,” Palo Alto Networks Unit 42 researchers Anmol Maurya and Siddharth…
Five Eyes Agencies Alert about Ivanti Gateway Active Exploitation Risks
January 1, 2024 NewsroomRootkit / Threat Intelligence The Integrity Checker Tool ( ICT) can be deceived into providing a false sense of security, according to a new cybersecurity advisory from the Five Eyes ( FVEY ) intelligence alliance. According to the organizations,” Ivanti ICT is insufficient to detect compromise and that a cyber threat actor…