Exploit

Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners – Go Health Pro

by
Hackers Exploit Aviatrix Controller Vulnerability to Deploy Backdoors and Crypto Miners – Go Health Pro

Jan 13, 2025Ravie LakshmananVulnerability / Cloud Security A recently disclosed critical security flaw impacting the Aviatrix Controller cloud networking platform has come under active exploitation in the wild to deploy backdoors and cryptocurrency miners. Cloud security firm Wiz said it’s currently responding to “multiple incidents” involving the weaponization of CVE-2024-50603 (CVSS score: 10.0), a maximum … Read more

Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices – Go Health Pro

by
Google Project Zero Researcher Uncovers Zero-Click Exploit Targeting Samsung Devices – Go Health Pro

Jan 10, 2025Ravie LakshmananCybersecurity / Android Cybersecurity researchers have detailed a now-patched security flaw impacting Monkey’s Audio (APE) decoder on Samsung smartphones that could lead to code execution. The high-severity vulnerability, tracked as CVE-2024-49415 (CVSS score: 8.1), affects Samsung devices running Android versions 12, 13, and 14. “Out-of-bounds write in libsaped.so prior to SMR Dec-2024 … Read more

New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites – Go Health Pro

by
New “DoubleClickjacking” Exploit Bypasses Clickjacking Protections on Major Websites – Go Health Pro

Jan 01, 2025Ravie LakshmananWeb Security / Vulnerability Threat hunters have disclosed a new “widespread timing-based vulnerability class” that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo. “Instead of relying on a single click, it takes advantage … Read more

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware – Go Health Pro

by
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware – Go Health Pro

Dec 17, 2024Ravie LakshmananMalware / Credential Theft A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. “An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to their system,” Trend Micro researchers Catherine … Read more

Tech Support Scams Exploit Google Ads to Target Users – Go Health Pro

by
Tech Support Scams Exploit Google Ads to Target Users – Go Health Pro

It’s not a new technique, but that doesn’t mean that cybercriminals cannot make rich rewards from SEO poisoning.  SEO poisoning is the dark art of manipulating search engines to ensure that malware-laced adverts and dangerous websites appear high on users’ results – often impersonating legitimate businesses and organisations.  But the simplest way of all to … Read more

x