November 15, 2023

ETH Zurich Leads Cybersecurity Innovation with New Inception Exploit Discovery

Researchers at ETH Zurich have uncovered a new exploit attack named “Inception,” reminiscent of the 2018 Spectre attack. Identified as CVE-2023-20569, this exploit poses a threat to any AMD Zen CPU by potentially leaking sensitive data. Inception was revealed shortly after the discovery of “Zenbleed,” another critical vulnerability targeting AMD Zen 2 processors. This new …

ETH Zurich Leads Cybersecurity Innovation with New Inception Exploit Discovery Read More »

Cybercriminals Exploit Cloudflare Tunnels to Create Hidden Digital Strongholds

Recent findings indicate that cybercriminals are exploiting Cloudflare Tunnels to create hidden communication paths from hacked systems, maintaining ongoing access. Cloudflared, a command-line tool for Cloudflare Tunnel, is notably similar to ngrok, but offers more free features, including hosting TCP connections. It enables secure links between a web server and Cloudflare, concealing server IP addresses …

Cybercriminals Exploit Cloudflare Tunnels to Create Hidden Digital Strongholds Read More »

Mozilla VPN Client on Linux Exposed to Unauthorized Configuration Changes

A vulnerability in the Mozilla VPN client for Linux allows attackers to modify the VPN configuration of other users without root permissions. The Mozilla VPN client for Linux has a vulnerability that enables any user on a system with the client installed to apply arbitrary VPN configurations due to a flaw in authentication checks. Matthias …

Mozilla VPN Client on Linux Exposed to Unauthorized Configuration Changes Read More »

Critical Citrix Vulnerabilities Lead to Widespread Cybersecurity Breaches

Multiple Citrix NetScaler ADC and Gateway servers have been compromised by attackers using a critical code injection vulnerability identified as CVE-2023-3519, reports the Shadowserver Foundation. This vulnerability, which Citrix addressed in a recent update, has a high severity rating of 9.8. The attacks mainly target servers in Germany, France, Switzerland, Italy, Sweden, Spain, Japan, China, …

Critical Citrix Vulnerabilities Lead to Widespread Cybersecurity Breaches Read More »

Russian Hackers Target Global Organizations Through Microsoft Teams

Since May 2023, a Russian hacker group known as APT29, Midnight Blizzard, UNC2452, or Cozy Bear, allegedly linked to Russia’s Foreign Intelligence Service (SVR), has been targeting international organizations, including government agencies, NGOs, IT service providers, technology, and media companies, using Microsoft Teams. Microsoft disclosed that the attacks involved social engineering tactics, primarily phishing campaigns …

Russian Hackers Target Global Organizations Through Microsoft Teams Read More »

Mullvad’s Alert: Uncovering VPN Privacy Leaks in Android Devices

Mullvad, a VPN provider, has identified a privacy concern for Android users: devices may inadvertently leak information when connected to VPNs. This issue arises because Android performs connectivity checks outside the VPN tunnel, even with the “Block connections without VPN” security feature enabled. These checks, designed for functions like authenticating on captive portals, occur independently …

Mullvad’s Alert: Uncovering VPN Privacy Leaks in Android Devices Read More »

Securing the Digital Horizon: Protecting Apache Tomcat Servers from Emerging Cyber Threats

Apache Tomcat, a widely used open-source server, provides support for Jakarta Servlet, Expression Language, and WebSocket technologies in a Java-based HTTP web server environment. It’s particularly popular among developers, with about 50% adoption rate, and plays a significant role in cloud services, big data, and web development. However, a new threat has been identified by …

Securing the Digital Horizon: Protecting Apache Tomcat Servers from Emerging Cyber Threats Read More »

Scroll to Top