If you’re managing an SIEM (Security Information and Event Management) system, you know how vital centralized threat detection is. SIEM collects and analyzes data from multiple sources—your firewalls, applications, servers—and
Threat Actors Abuse Genuine Code-Signing Certificates To Evade Detections
A code signing certificate is a digital certificate that allows software developers to sign their applications. This ensures both the “authenticity of the publisher” and the “integrity of the code.” HarfangLab
Hackers Abuse EDRSilencer Red Team Tool To Evade Detection
EDRSilencer is a tool designed to enhance data privacy and security by “silencing” or “blocking” unwanted data transmissions from endpoints. The tool is likely used in conjunction with EDR systems
Multiple Splunk Enterprise Vulnerabilities Let Attackers Execute Remote Code
Splunk has released patches for several high-severity vulnerabilities in its Enterprise product that could allow attackers to execute remote code on affected systems. The vulnerabilities impact multiple versions of Splunk
New Supply Chain Attack Leveraging Entry Points in PyPI, npm, Ruby Gems & NuGet
A sophisticated supply chain attack has been identified, leveraging entry points in popular open-source package repositories, including PyPI (Python), npm (JavaScript), Ruby Gems, and NuGet (.NET). This attack vector poses
CoreWarrior Malware Attacking Windows Machines With Self-replication Capabilities
Malware targeting Windows machines continues to be a significant threat. These threats can take various forms, such as viruses, worms, and ransomware. These malicious programs can infiltrate systems via
87,000+ FortiOS Devices Vulnerable to Remote Code Execution Attacks
A critical security vulnerability affecting over 87,000 FortiOS devices has been discovered, leaving them exposed to potential remote code execution (RCE) attacks. The flaw, identified as CVE-2024-23113, impacts multiple versions
Cyber Security News Letter (Weekly) – Data Breaches, Vulnerability, Cyber Attack & Other Stories
Welcome to this week’s Cybersecurity Newsletter, bringing you the latest updates and insights from the world of cybersecurity. Stay informed and protected with our top stories. Stay informed about the
HashiCorp Cloud Vault Vulnerability Let Attackers Escalate Privileges
HashiCorp, a leading provider of cloud infrastructure automation software, has disclosed a critical security vulnerability in its Vault secret management platform. The flaw, identified as CVE-2024-9180, could allow privileged attackers
PureLogs, Low Cost Infostealer Attacking Chrome Browser
The world of cyber threats is intricate and ever-changing. Threat actors are always improving their methods, and new strains of infostealer malware frequently surface. Infostealers are very easy to operate,