GeoServer RCE vulnerability: a threat to geospatial data infrastructure
GeoServer, an open-source Java-based server, enables the sharing and management of geospatial data. However, a critical vulnerability (CVE-2024-36401) has emerged, allowing attackers to remotely execute commands and deploy...
Fog ransomware extends reach to financial sector
The Fog ransomware, previously targeting educational and recreational sectors, has now shifted its focus to the lucrative finance industry. In a recent attack, threat actors compromised VPN credentials...
Bitcoin ATM Scams: A Growing Threat
Bitcoin ATMs (BTMs) have emerged as a convenient way to buy and sell cryptocurrencies. However, they have also become a hotbed for scammers looking to exploit unsuspecting victims.The...
Russian military hackers: targeting critical infrastructure globally
Intelligence agencies have identified Russian military hackers linked to the Main Intelligence Directorate (GRU), Unit 29155, as responsible for cyberattacks against global targets. These attacks aim to steal...
Veeam software vulnerabilities: urgent action required for enhanced cybersecurity
Veeam Software, a renowned provider of data protection solutions, has recently disclosed the discovery of several critical and high-severity vulnerabilities in multiple products. These vulnerabilities pose significant risks...
SonicWall alerts to critical access control flaw actively targeted
As a cybersecurity expert, I’m here to alert you to a critical vulnerability (CVE-2024-40766) affecting SonicWall Firewall products. This improper access control flaw is actively being exploited in...
Persistent backdoors via Linux pluggable authentication modules: a new threat
Recent research by the Group-IB Digital Forensics and Incident Response (DFIR) team has revealed a novel technique exploiting Linux’s Pluggable Authentication Modules (PAM) to create persistent backdoors on...
Critical Progress LoadMaster vulnerability: unauthenticated code execution
A severe vulnerability (CVE-2024-7591) has been discovered in the Progress LoadMaster product line, including all releases and the Multi-Tenant (MT) hypervisor. This flaw allows unauthenticated remote attackers to...