Secure Bulletin Navigating the cyber sea with knowledge
Home
Latest news

Vulnerability in OAuth, XSS for millions of websites

31 July 2024  |  dark6  |  Blog

A critical vulnerability within the OAuth authentication standard poses a substantial risk to millions of websites and their users, potentially leading to account hijacking and data theft. Cybersecurity...

>> read more

RansomHub ransomware: a new threat in the cybercrime landscape

31 July 2024  |  dark6  |  Ransomware

Cybersecurity researchers at Lab52 have highlighted the rise of the RansomHub ransomware gang, which employs a mix of old and new tactics to breach systems. Using tools like...

>> read more

Ongoing exploitation of VMware ESXi vulnerability CVE-2024-37085

31 July 2024  |  dark6  |  Vulnerability

A vulnerability in VMware’s ESXi virtualization platform, identified as CVE-2024-37085, continues to leave thousands of servers susceptible to ransomware attacks. Despite ongoing exploitation by cybercriminals and warnings from...

>> read more

Leveraging AI/ML to improve MDR efficiency and reduce false positives

31 July 2024  |  dark6  |  Malware

Key Findings from the 2023 MDR Analysis Report: AI/ML in Incident Detection: Challenges and Solutions: Balancing Detection and False Positives: Performance and Monitoring: Conclusion:

>> read more

EchoSpoofing campaign exploits Proofpoint vulnerability

30 July 2024  |  dark6  |  Vulnerability

An unknown attacker exploited a vulnerability in Proofpoint’s email routing settings to send mass fraudulent messages impersonating well-known companies such as Best Buy, IBM, Nike, and Walt Disney....

>> read more

Russian information operations target French snap elections: operation “Doppelgänger”

30 July 2024  |  dark6  |  Hacktivism

From early June to late July 2024, Russian actors conducted a series of sophisticated information operations under the code name “Doppelgänger.” These campaigns were particularly active during the...

>> read more

Ransomware threats loom over Paris 2024 olympics

29 July 2024  |  dark6  |  Ransomware

A recent study by ExtraHop has highlighted the near inevitability of ransomware attacks targeting the Paris 2024 Olympics. The event’s IT infrastructure has faced frequent attacks over the...

>> read more

Apache superset security update: addressing CVE-2024-34693

29 July 2024  |  dark6  |  Vulnerability

The Apache Software Foundation has released critical security updates to mitigate an arbitrary file read vulnerability (CVE-2024-34693) in Apache Superset. This vulnerability could enable attackers to read arbitrary...

>> read more