APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor – OfficialSarkar

APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor – OfficialSarkar

Aug 28, 2024Ravie LakshmananCyber Attack / Vulnerability A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace. The activity has been attributed to a threat actor dubbed APT-C-60, according to cybersecurity firms ESET and…

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave – OfficialSarkar

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave – OfficialSarkar

The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. “The BlackByte ransomware group continues to leverage tactics, techniques, and procedures (TTPs) that have formed the foundation of its tradecraft since its inception,…

New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials – OfficialSarkar

New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials – OfficialSarkar

Aug 28, 2024Ravie LakshmananPhishing Attack / Data Breach Cybersecurity researchers are calling attention to a new QR code phishing (aka quishing) campaign that leverages Microsoft Sway infrastructure to host fake pages, once again highlighting the abuse of legitimate cloud offerings for malicious purposes. “By using legitimate cloud applications, attackers provide credibility to victims, helping them…

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports – OfficialSarkar

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports – OfficialSarkar

Aug 28, 2024Ravie LakshmananSoftware Security / Vulnerability The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw affecting the Apache OFBiz open-source enterprise resource planning (ERP) system to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The vulnerability, known as CVE-2024-38856, carries a CVSS…

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution – OfficialSarkar

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution – OfficialSarkar

Aug 28, 2024Ravie LakshmananWordPress Security / Website Protection A critical security flaw has been disclosed in the WPML WordPress multilingual plugin that could allow authenticated users to execute arbitrary code remotely under certain circumstances. The vulnerability, tracked as CVE-2024-6386 (CVSS score: 9.9), impacts all versions of the plugin before 4.6.13, which was released on August…

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users – OfficialSarkar

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users – OfficialSarkar

Aug 27, 2024Ravie LakshmananCyber Espionage / Malware Users of Chinese instant messaging apps like DingTalk and WeChat are the target of an Apple macOS version of a backdoor named HZ RAT. The artifacts “almost exactly replicate the functionality of the Windows version of the backdoor and differ only in the payload, which is received in…

Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors – OfficialSarkar

Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors – OfficialSarkar

The China-nexus cyber espionage group tracked as Volt Typhoon has been attributed with moderate confidence to the zero-day exploitation of a recently disclosed high-severity security flaw impacting Versa Director. The attacks targeted four U.S. victims and one non-U.S. victim in the Internet service provider (ISP), managed service provider (MSP) and information technology (IT) sectors as…

How Gartner’s New Categories Help to Manage Exposures – OfficialSarkar

How Gartner’s New Categories Help to Manage Exposures – OfficialSarkar

Want to know what’s the latest and greatest in SecOps for 2024? Gartner’s recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in this year’s report: Threat Exposure Management, Exposure Assessment Platforms (EAP),…

Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation – OfficialSarkar

Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation – OfficialSarkar

Aug 27, 2024Ravie LakshmananVulnerability / Browser Security Google has revealed that a security flaw that was patched as part of a security update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as CVE-2024-7965, the vulnerability has been described as an inappropriate implementation bug in the V8…

Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot – OfficialSarkar

Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot – OfficialSarkar

Aug 27, 2024Ravie LakshmananAI Security / Vulnerability Details have emerged about a now-patched vulnerability in Microsoft 365 Copilot that could enable the theft of sensitive user information using a technique called ASCII smuggling. “ASCII Smuggling is a novel technique that uses special Unicode characters that mirror ASCII but are actually not visible in the user…