Goffloader: In-Memory Execution, No Disk Required

Praetorian has uncovered Goffloader, an in-memory execution tool that allows security professionals to run BOF and unmanaged Cobalt Strike PE files directly in memory without writing to disk.

Cyware News – Latest Cyber News

CVE-2024-26581 PoC Exploit Released: Linux Systems at Risk of Root Compromise

The CVE-2024-26581 PoC exploit has been disclosed, posing a risk to Linux systems by allowing root compromise. The flaw exists in the nft_set_rbtree function within the Linux kernel, enabling attackers to access sensitive data on affected systems.

Cyware News – Latest Cyber News

Head Mare Hacktivist Group Targets Russia and Belarus

The group, active since at least 2023, exclusively targets companies in these countries. They use modern techniques to gain initial access to systems, primarily through phishing emails with custom malware like PhantomDL and PhantomCore.

Cyware News – Latest Cyber News

LiteSpeed Cache Plugin Vulnerability Exposes Millions of WordPress Sites to Attacks

A vulnerability in the LiteSpeed Cache WordPress plugin leads to the exposure of sensitive information, including user cookies.

SecurityWeek

The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025

The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to the independent survey, the demand for these services is increasing, with both providers and clients reaping the rewards. The upward trend is set to continue, with even faster growth expected in the future. However,

The Hacker News

1Password review: A premium password manager well worth the money

Upgrade your security with 1Password, a premium password manager with useful features.

Latest stories for ZDNET in Security

Veeam Patches Critical Vulnerabilities in Enterprise Products

Veeam has released patches for critical-severity vulnerabilities in Backup & Replication, ONE, and Service Provider Console.

SecurityWeek

Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database

Video and audio of therapy sessions, transcripts, and other patient records were accidentally exposed in a publicly accessible database operated by the virtual medical company Confidant Health.

Security Latest

Critical Vulnerability Discovered in Progress LoadMaster

Progress Software has alerted users to a critical vulnerability (CVE-2024-7591) in its LoadMaster ADC and load balancer solution. The flaw, with a CVSS score of 10, allows remote attackers to execute system commands without authentication.

Cyware News – Latest Cyber News

Webmin/Virtualmin Vulnerability Opens Door to Loop DoS Attacks

A critical vulnerability (CVE-2024-2169) in Webmin/Virtualmin control panels allows for launching DoS attacks. This flaw reveals IP addresses through the UDP service on port 10000, enabling attackers to create a loop of traffic between servers.

Cyware News – Latest Cyber News