23 Dec, 2024

US cracks down on spyware vendor Intellexa with more sanctions

Today, the U.S. Department of the Treasury has sanctioned five executives and one entity linked to the Intellexa Consortium for developing and distributing Predator commercial spyware. Intellexa Consortium is a network of decentralized companies that developed and sold highly intrusive spyware products marketed under the “Predator” brand. Predator spyware has allowed Intellexa customers worldwide — mostly […]

3 mins read

D-Link fixes critical RCE, hardcoded password flaws in WiFi 6 routers

D-Link has fixed critical vulnerabilities in three popular wireless router models that allow remote attackers to execute arbitrary code or access the devices using hardcoded credentials. The impacted models are popular in the consumer networking market, especially among users looking for high-end WiFi 6 routers (DIR-X) and mesh networking systems (COVR). The bulletin lists five […]

2 mins read

Exploit code released for critical Ivanti RCE flaw, patch now

A proof-of-concept (PoC) exploit for CVE-2024-29847, a critical remote code execution (RCE) vulnerability in Ivanti Endpoint Manager, is now publicly released, making it crucial to update devices. The flaw is a deserialization of untrusted data issue impacting Ivanti Endpoint Manager before 2022 SU6 and EPM 2024, which was fixed as part of the September 2024 […]

2 mins read

CISA warns of Windows flaw used in infostealer malware attacks

​CISA has ordered U.S. federal agencies to secure their systems against a recently patched Windows MSHTML spoofing zero-day bug exploited by the Void Banshee APT hacking group. The vulnerability (CVE-2024-43461) was disclosed during this month’s Patch Tuesday, and Microsoft initially classified it as not exploited in attacks. However, Microsoft updated the advisory on Friday to confirm that it […]

3 mins read

Black Desert Online’s New Expansion Is Out Now

Black Desert Online’s new expansion has officially been released, giving players access to Land of the Light: Seoul, with the first expansion being hugely popular among BDO fans, receiving a score of 80 on Metacritic. This sequel expansion gives players access to new storylines, boss fights, and adventures set in the stunning backdrop of medieval Seoul […]

2 mins read

GTA VI Is By Far the Biggest Reason to Buy a PS5 Pro

The Fall season is mere days away, which means GTA VI should launch around a year from now. Last we heard from Take-Two, Rockstar’s highly anticipated game is slated to launch in Fall 2025, contributing to what could be a stellar year for the publisher: Our outlook reflects a narrowing of Rockstar Games’ previously established window of […]

4 mins read

Malware locks browser in kiosk mode to steal Google credentials

A malware campaign uses the unusual method of locking users in their browser’s kiosk mode to annoy them into entering their Google credentials, which are then stolen by information-stealing malware. Specifically, the malware “locks” the user’s browser on Google’s login page with no obvious way to close the window, as the malware also blocks the “ESC” and […]

3 mins read

Windows vulnerability abused braille “spaces” in zero-day attacks

A recently fixed “Windows MSHTML spoofing vulnerability” tracked under CVE-2024-43461 is now marked as previously exploited after it was used in attacks by the Void Banshee APT hacking group. When first disclosed as part of the September 2024 Patch Tuesday, Microsoft had not marked the vulnerability as previously exploited. However, on Friday, Microsoft updated the CVE-2024-43461 advisory to indicate it […]

4 mins read

iOS 18 AI Features: Full List of iPhones Supporting Apple Intelligence

iOS 18 is here, bringing new AI features to Apple’s iPhone lineup. The iPhone 16 series and iPhone 15 Pro / iPhone 15 Pro Max iPhones will support all the integrated Ai functions of iOS 18 (including Apple Intelligence), but all other models will have limited to no functionality when it comes to Apple Ai. The reason […]

5 mins read

FBI tells public to ignore false claims of hacked voter data

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the U.S. voter registration data has been compromised in cyberattacks. The two agencies note that malicious actors are spreading disinformation to manipulate public “opinion and undermine confidence in U.S. democratic institutions.” According to […]

3 mins read