Internet Security

Microsoft published exploit code for a macOS App sandbox escape flaw

July 14, 2022 add comment
Microsoft published the exploit code for a vulnerability in macOS that can allow an attacker to escape the sandbox. Microsoft publicly disclosed technical details for an access issue vulnerability, tracked as CVE-2022-26706,... Read more »

VMware fixed a flaw in vCenter Server discovered eight months ago

July 14, 2022 add comment
VMware addressed a high-severity privilege escalation flaw, tracked as CVE-2021-22048, in vCenter Server IWA mechanism. VMware addressed a high-severity privilege escalation flaw, tracked as CVE-2021-22048 (CVSSv3 base score of... Read more »

Qakbot operations continue to evolve to avoid detection

July 13, 2022 add comment
Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection. Qakbot, also known as QBot, QuackBot and Pinkslipbot, is... Read more »

Three UEFI Firmware flaws found in tens of Lenovo Notebook models

July 13, 2022 add comment
IT giant Lenovo released security fixes to address three vulnerabilities that impact the UEFI firmware shipped with over 70 product models. The multinational technology company Lenovo released security fixes... Read more »

Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021

July 13, 2022 add comment
A large-scale phishing campaign used adversary-in-the-middle (AiTM) phishing sites to hit more than 10,000 organizations Microsoft observed a large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites to steal passwords, hijack... Read more »

The President of European Central Bank Christine Lagarde targeted by hackers

July 12, 2022 add comment
Christine Lagarde, the president of the European Central Bank, was the target of a failed hacking attempt. The European Central Bank confirmed that its President, Christine Lagarde, was the... Read more »

Flaws in the ExpressLRS Protocol allow the takeover of drones

July 12, 2022 add comment
The protocol for radio-controlled (RC) drones, named ExpressLRS, is affected by vulnerabilities that can allow device takeover. Researchers warn of vulnerabilities that affect the protocol for radio-controlled (RC) drones,... Read more »

Microsoft announced the general availability of Windows Autopatch feature

July 12, 2022 add comment
Microsoft announced the general availability of a feature called Autopatch that automatically updates Windows and Office software. Microsoft announced the general availability of a service called Autopatch that automates the process of managing... Read more »

Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM

July 12, 2022 add comment
Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro published a report that details cloud-based cryptocurrency mining attacks targeting GitHub Actions and... Read more »

A fake job offer via LinkedIn allowed to steal $540M from Axie Infinity

July 11, 2022 add comment
Threat actors used a fake job offer on LinkedIn to target an employee at Axie Infinity that resulted in the theft of $540 Million. In March, threat actors stole almost... Read more »
Subscribe to our Newsletter