24 Nov, 2024

Fake Palo Alto GlobalProtect used as lure to backdoor enterprises

Threat actors target Middle Eastern organizations with malware disguised as the legitimate Palo Alto GlobalProtect tool that can steal data and execute remote PowerShell commands to infiltrate internal networks further. Palo Alto GlobalProtect is a legitimate security solution offered by Palo Alto Networks that provides secure VPN access with multi-factor authentication support. Organizations widely use the […]

3 mins read

Windows 10 KB5041582 update released with 5 changes and fixes

Microsoft has released the August 2024 preview update for Windows 10, version 22H2, with fixes for issues causing system freezes and memory leaks. Today’s KB5041582 optional cumulative update is a maintenance release that enables Windows administrators to test fixes and improvements and ensure a more reliable experience for end users when rolling out security updates via the mandatory […]

2 mins read

Top GPUs Without External Power Needs: Low Power Video Cards

Graphics cards usually need extra power from the power supply to work. But some graphics cards can run just from the power supplied by the motherboard. These cards are great for small computers and systems with limited power. They are not as powerful as regular graphics cards, but they work well for casual gaming and […]

10 mins read

How to Fix RGB Fans Not Lighting Up

If your RGB fans aren’t lighting up, it can be frustrating. This troubleshooting guide will help you identify and fix common issues. If the problem continues, consider contacting the manufacturer’s support or seeking help from a technician. Solving the problem of non-illuminating RGB fans requires technical knowledge and practical solutions. This guide provides a detailed […]

11 mins read

North Korean hackers exploit Chrome zero-day to deploy rootkit

North Korean hackers have exploited a recently patched Google Chrome zero-day (CVE-2024-7971) to deploy the FudModule rootkit after gaining SYSTEM privileges using a Windows Kernel exploit. “We assess with high confidence that the observed exploitation of CVE-2024-7971 can be attributed to a North Korean threat actor targeting the cryptocurrency sector for financial gain,” Microsoft said on Friday, […]

3 mins read

FBI: RansomHub ransomware breached 210 victims since February

Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen files and sells the documents to the highest bidder if negotiations fail. The ransomware group focuses on data-theft-based extortion […]

2 mins read

Halliburton cyberattack linked to RansomHub ransomware gang

The RansomHub ransomware gang is behind the recent cyberattack on oil and gas services giant Halliburton, which disrupted the company’s IT systems and business operations. The attack caused widespread disruption, and GeekFeed was told that customers couldn’t generate invoices or purchase orders because the required systems were down. Halliburton disclosed the attack last Friday in an SEC […]

5 mins read

New Voldemort malware abuses Google Sheets to store stolen data

A new malware campaign is spreading a previously undocumented backdoor named “Voldemort” to organizations worldwide, impersonating tax agencies from the U.S., Europe, and Asia. As per a Proofpoint report, the campaign started on August 5, 2024, and has disseminated over 20,000 emails to over 70 targeted organizations, reaching 6,000 in a single day at the […]

4 mins read

Researchers find SQL injection to bypass airport TSA security checks

Security researchers have found a vulnerability in a key air transport security system that allowed unauthorized individuals to potentially bypass airport security screenings and gain access to aircraft cockpits. Researchers Ian Carroll and Sam Curry discovered the vulnerability in FlyCASS, a third-party web-based service that some airlines use to manage the Known Crewmember (KCM) program and the Cockpit Access […]

4 mins read

Malware exploits 5-year-old zero-day to infect end-of-life IP cameras

The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. The flaw, discovered by Akamai’s Aline Eliovich, is tracked as CVE-2024-7029 and is a high-severity (CVSS v4 score: 8.7) issue in the “brightness” function […]

3 mins read