Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of authentication bypass that could lead to remote code execution. “An unauthenticated, malicious actor can inject
Read More
The popularity of Brazil’s PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX. Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off using malicious ads that are served when potential victims search for “WhatsApp web” on search engines. “The
Read More
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims’ accounts. “Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube,” ESET security researcher Matthieu Faou said in a new report published today. Previously, it was using
Read More
Introduction Today’s digital world faces a rise in cyber-attacks and hackers are increasingly using steganography as a technique to trick internet users and bind malicious payloads in seemingly “safe” software, files, etc. to bypass security firewalls and scanners. The root “steganos” is Greek for “hidden/cover” and the root “graph” is Greek for “to write”, where
Read More
Our mission is to educate our customer base, build capacity in every country we operate in and make cyber security affordable to all