Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Exploring malicious Windows drivers (Part 1): Introduction to the kernel and drivers

Exploring malicious Windows drivers (Part 1): Introduction to the kernel and drivers  Drivers have long been of interest to threat actors, whether they are exploiting vulnerable drivers or creating malicious ones. Malicious drivers are difficult to detect and successfully leveraging one can give an attacker full access to a

TALOS
Open in Source
#web#windows#microsoft#c++#ssl
Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mind Sandstorm since November 2023. The threat actor "used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files," the

Kaspersky’s iShutdown Tool Detects Pegasus Spyware on iOS Devices

By Waqas Kaspersky has recently launched a tool called iShutdown, designed not only to detect the notorious Pegasus spyware but also to identify other malware threats on iOS devices. This is a post from HackRead.com Read the original post: Kaspersky’s iShutdown Tool Detects Pegasus Spyware on iOS Devices

Google Incognito Mode: New Disclaimer Reveals Data Tracking

By Waqas Is Google Incognito mode really private? Well, the answer is no. Why? Let's take a closer look... This is a post from HackRead.com Read the original post: Google Incognito Mode: New Disclaimer Reveals Data Tracking

Easy File Sharing FTP 3.6 Denial Of Service

Easy File Sharing FTP version 3.6 remote denial of service exploit.

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash. "By reading out-of-bounds memory, an attacker might be able to get secret values,

Ivanti VPN Zero-Day Flaws Fuel Widespread Cyber Attacks

By Deeba Ahmed Another day, another zero-day flaw driving the cybersecurity world crazy. This is a post from HackRead.com Read the original post: Ivanti VPN Zero-Day Flaws Fuel Widespread Cyber Attacks

MailCarrier 2.51 Denial Of Service

MailCarrier version 2.51 remote denial of service exploit.

LightFTP 1.1 Denial Of Service

LightFTP version 1.1 remote denial of service exploit.

Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer

Threat actors have been observed leveraging a now-patched security flaw in Microsoft Windows to deploy an open-source information stealer called Phemedrone Stealer. “Phemedrone targets web browsers and data from cryptocurrency wallets and messaging apps such as Telegram, Steam, and Discord,” Trend Micro researchers Peter Girnus, Aliakbar Zahravi, and Simon Zuckerbraun said. “It also