Vulnerabilities in Fortinet Allow Remote Execution of Malicious Code

Fortinet, a leader in cybersecurity solutions, has reported two critical vulnerabilities affecting its FortiWLM and FortiManager products. These vulnerabilities could allow attackers to remotely execute unauthorized malicious code, posing a significant threat to corporate networks. Vulnerability in FortiWLM (Wireless LAN…

FBI Warns: HiatusRAT Targets Webcams and DVR Devices

The Federal Bureau of Investigation (FBI) has issued a warning about a new threat targeting webcams and digital video recorders (DVR). This threat, known as the HiatusRAT malware, allows cybercriminals to remotely control these devices. The activity of HiatusRAT has…

New Vulnerabilities in Apache Tomcat Could Enable Remote Code Execution

Two new critical vulnerabilities have been identified in the popular open-source web server and servlet container Apache Tomcat. These vulnerabilities could allow attackers to perform remote code execution (RCE) and denial-of-service (DoS) attacks. The Apache Software Foundation has released patches…

RCE Vulnerability in Apache Struts Actively Exploited

Apache Struts, a popular open-source framework used for developing Java-based web applications, has been found to contain a new vulnerability (CVE-2024-53677) that is already being actively exploited by attackers. Using publicly available Proof of Concept (PoC) code, they can upload…

Kali Linux 2024.4 Released With New Hacking Tools

The highly anticipated final release of Kali Linux 2024.4 is now here! This update comes packed with numerous updates, new hacking tools, and powerful features, ranging from a new default Python version to the discontinuation of i386 kernel support. Kali…

CoinLurker: Next-Generation Tool Used in Modern Cyberattacks

CoinLurker is an advanced data-stealing malware that has revolutionized fake update campaigns. Written in the Go programming language, CoinLurker utilizes obfuscation and anti-analysis techniques, enabling it to evade detection and carry out stealthy cyberattacks. According to Morphisec’s report, CoinLurker has…

Hackers Exploiting Microsoft Teams for Remote Access to Systems

Hackers used the Microsoft Teams platform to trick a victim into granting remote access to their system. This attack, analyzed by Trend Micro, showcases the increasing complexity of social engineering tactics employed by cybercriminals. The attack unfolded in several stages:…

Increased Scanning of RDP Services: Focus on Port 1098

Recent data has revealed a sharp rise in attacks targeting Remote Desktop Protocol (RDP) services, with a specific focus on port 1098 Over the past two weeks, honeypot sensors have recorded more than 740,000 daily scans from distinct IP addresses.…