Sign in Subscribe

Latest

Microsoft Sway Abused to Deliver Quishing Attacks

Microsoft Sway Abused to Deliver Quishing Attacks

On August 27, 2024, Netskope Threat Labs reported a surge in traffic to phishing pages hosted on Microsoft Sway, a free web-based application within the Microsoft 365 suite. These phishing campaigns predominantly employed "Quishing," a technique using QR codes

The Versa Director Zero-Day Exploitation

The Versa Director Zero-Day Exploitation

On August 27, 2024, Black Lotus Labs revealed the active exploitation of a zero-day vulnerability in Versa Director servers. Identified as CVE-2024-39717, this vulnerability impacts all Versa Director versions before 22.1.4. CISA added CVE-2024-39717 to the KEV.

CISA Adds One Known Exploited Vulnerability to Catalogue

CISA Adds One Known Exploited Vulnerability to Catalogue

On August 26, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) announced the addition of a newly identified vulnerability to its Known Exploited Vulnerabilities Catalog.

Exploration of Sandboxing and AppData Transparency, Consent, and Control Report

Exploration of Sandboxing and AppData Transparency, Consent, and Control Report

Initially presented at Blackhat USA 2024, the report highlights how these vulnerabilities can be exploited, providing valuable insights into the evolving security challenges within Apple's operating system.

Mobile App Vulnerabilities: How Popular Apps Leak Sensitive Data

Mobile App Vulnerabilities: How Popular Apps Leak Sensitive Data

On August 27, 2024, Symantec released a report highlighting the alarming vulnerabilities found in several popular mobile apps, both on Android and iOS platforms. The report reveals that these apps are failing to protect sensitive user data

Namespace Collision Exploits in Microsoft Active Directory Networks: A Growing Threat

Namespace Collision Exploits in Microsoft Active Directory Networks: A Growing Threat

On August 23, 2024, cybersecurity researcher Philippe Caturegli released a comprehensive report detailing the persistent and growing issue of namespace collisions in Microsoft Active Directory (AD) networks.