Tag: #malware
Microsoft has addressed a critical Windows MSHTML zero-day vulnerability, tracked as CVE-2024-38112, which has been actively exploited in cyberattacks for eighteen months. This high-severity MHTML spoofing issue, fixed during the July 2024 Patch Tuesday security updates, allowed malicious scripts to bypass built-in security features. Haifei Li of Check Point Research discovered the vulnerability and reported […]
Cisco’s NX-OS zero-day vulnerability (CVE-2024-20399) has been actively exploited by the Chinese state-sponsored threat actor known as Velvet Ant, highlighting the urgent need for cybersecurity professionals and network administrators to secure affected systems. In a forensic investigation led by Sygnia, it was discovered that Velvet Ant gained administrator-level credentials to access Cisco Nexus switches and […]
Phishing Attacks Evolve: Protecting Yourself from Remote Access Fraud While one-time passwords (OTPs) add security to online transactions, cybercriminals are devising new methods to steal money. This article explores a recent scam where attackers bypass OTPs to gain unauthorized access to bank accounts. The Scam Phishing with a Twist: Fraudsters send messages disguised as bank […]