Hey there cyber-savvy readers! We’ve got some fantastic news to share – the notorious Qakbot botnet, also known as Qbot and Pinkslipbot, has been officially defeated! In an inspiring show of international collaboration, law...
Author - Volodymyr Krasnogolovy
CISA and NSA Warn of Hacking Risks due to IDOR Vulnerabilities
Web applications with insecure direct object references (IDORs) are at significant risk of hacking, as the US Cybersecurity and Infrastructure Protection Agency (CISA), in conjunction with the Australian Cyber Security Center...
Wiz Analysts Claim that MSA Cryptographic Key Allowed Hackers to Break into Many Microsoft Products
Wiz analysts are confident that the recent theft of Microsoft’s MSA (Microsoft account consumer signing key) cryptographic key from Microsoft could have much more serious consequences than the hacking of Exchange Online and...
Vulnerability Allows Root Access to Hundreds of Thousands of MikroTik Routers
A critical Super Admin privilege escalation vulnerability threatens over 900,000 MikroTik routers running RouterOS. The issue is tracked as CVE-2023-30799 and allows attackers who already have an administrator account to elevate...
Zenbleed Attack Exposes Sensitive Data on AMD Zen 2 Processors
Google security expert Tavis Ormandy has identified a dangerous vulnerability affecting AMD Zen 2 processors. The problem allows stealing confidential data (including passwords and encryption keys) at a speed of 30 kbps from...
Two Banks Hit by Attacks on Open-Source Supply Chain
According to Checkmarx analysts, two unnamed banks have been the victims of attacks on the open-source supply chain in recent months. Researchers say these are the first incidents of their kind. Although the FBI even issued a...
Three DDoS Botnets Attack Zyxel Devices at Once
According to Fortinet, at least three DDos botnets are exploiting the CVE-2023-28771 vulnerability recently discovered in Zyxel hardware. Experts say the attacks are taking place in several regions, including Central America...
BlackCat and Clop Attack Cosmetics Manufacturer Estée Lauder
The hacker groups BlackCat (ALPHV) and Clop announced the hacking of Estée Lauder, the American beauty industry giant. BlackCat members ridiculed the company’s security measures and report that they retained access to its...
Thousands of Docker Hub Images Expose Secrets and Private Data
Analysts from the RWTH Aachen published a study according to which tens of thousands of container images in Docker Hub contain various secrets, which exposes software, online platforms and users to the risk of massive attacks...
Citrix Products Are under Active Hacker Attacks due to Several 0-Day Vulnerabilities
Citrix is warning users of a number of 0-day vulnerabilities and other security vulnerabilities in the NetScaler ADC and NetScaler Gateway that they say are heavily exploited in the wild (ITW). Tracked as CVE-2023-3519 (CVSS...