A widespread phishing campaign has been observed leveraging bogus PDF documents hosted on the Webflow content delivery network (CDN) with an aim to steal credit card information and commit financial fraud. “The attacker targets victims searching for documents on search engines, resulting in access to malicious PDF that contains a CAPTCHA image embedded with a phishing link,
Read More
Cisco has released updates to address two critical security flaws Identity Services Engine (ISE) that could allow remote attackers to execute arbitrary commands and elevate privileges on susceptible devices. The vulnerabilities are listed below – An attacker could weaponize either of the flaws by sending a crafted serialized Java object or an HTTP request to an unspecified
Read More
The North Korean threat actors behind the Contagious Interview campaign have been observed delivering a collection of Apple macOS malware strains dubbed FERRET as part of a supposed job interview process. “Targets are typically asked to communicate with an interviewer through a link that throws an error message and a request to install or update
Read More
Microsoft has released patches to address two Critical-rated security flaws impacting Azure AI Face Service and Microsoft Account that could allow a malicious actor to escalate their privileges under certain conditions. The flaws are listed below – “Authentication bypass by spoofing in Azure AI Face Service allows an authorized attacker to elevate privileges over a
Read More
Our mission is to educate our customer base, build capacity in every country we operate in and make cyber security affordable to all