In a recent security assessment conducted by Kaspersky experts, significant vulnerabilities were identified in the biometric readers produced by ZKTeco. These devices, widely used in high-security sectors such as nuclear plants, hospitals, and offices, support advanced authentication methods including facial recognition and QR-code scanning. According to Kaspersky, these vulnerabilities pose a serious risk, potentially allowing…
Tag: Vulnerabilities
‘Noodle RAT’ A New Cross-Platform Malware Targets Windows and Linux Systems
Security researchers recently uncovered a new cross-platform malware named Noodle RAT.
Noodle RAT: A New Malware Family
Trend Micro’s security expert Hara Hiroaki has identified Noodle RAT as a significant departure from known malware variants like Gh0st RAT and Rekoobe. Hiroaki explains, “this backdoor represents a new category of malware, rather than just a variant…
Black Basta May Have Taken Advantage of Windows Zero-Day Vulnerability
Recent investigations by Symantec suggest that threat actors associated with the Black Basta ransomware may have capitalized on a newly disclosed zero-day vulnerability in the Microsoft Windows Error Reporting Service. The flaw, identified as CVE-2024-26169 with a CVSS score of 7.8, facilitated privilege escalation, potentially granting attackers system privileges. Although the vulnerability was patched by…
Essential Tips for Writing Secure Code
This article aims to provide tips for writing secure code in Golang. However, these tips are applicable to other programming languages as well.
I Don’t Care if My Code is Secure or Not, It Works!
Don’t think like this. It’s important to protect your code from attackers. Sometimes writing secure code can be overwhelming but…
Netflix Bug Bounty Program Surpasses $1 Million in Payouts
Since the launch of its bug bounty program in 2016, Netflix has paid out more than $1 million for vulnerabilities discovered in its systems and products. The streaming giant announced on Tuesday that over 5,600 researchers have contributed to the program, submitting nearly 8,000 unique vulnerability reports. Rewards have been distributed for 845 vulnerabilities, with…
Kimsuky APT Deploys Linux Backdoor ‘Gomir’ in Cyber Attacks Targeting South Korea
The Kimsuky APT group, also known as Springtail and linked to North Korea’s Reconnaissance General Bureau (RGB), has launched a new attack against South Korean organizations using a Linux variant of its GoBear backdoor. The Symantec Threat Hunter Team from Broadcom reported that this backdoor, named Gomir, shares significant code similarities with GoBear. OS-dependent features…
CISA Launches Vulnrichment Project to Enhance CVE Records
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has unveiled the “Vulnrichment” initiative, designed to enhance Common Vulnerabilities and Exposures (CVE) records with additional metadata, aiding organizations in prioritizing vulnerability remediation. Hosted on a public GitHub repository, the Vulnrichment project aims to augment CVE records with vital data points, including: CISA utilizes its Stakeholder-Specific Vulnerability…
LiteSpeed Cache Vulnerability Grants Unauthorized WordPress Admin Access
Hackers are exploiting an outdated version of the LiteSpeed Cache plugin to target WordPress websites, establishing administrator accounts and seizing control of the sites. LiteSpeed Cache (LS Cache) is a caching plugin used in over five million WordPress sites, promising faster page loads, enhanced visitor experiences, and improved Google Search rankings. In April, Automattic’s security…
MITRE Breach Timeline: China-Linked Group’s Intrusion Unveiled
On April 19, MITRE, a nonprofit organization managing R&D centers for US government sponsors, disclosed the breach of its Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified collaborative network utilized for research, development, and prototyping purposes.
Insights into the Attack
The cyber espionage group associated with China, identified by Mandiant as UNC5221, exploited zero-day…
Hosts Vulnerable to Remote Code Execution Due to Critical Tinyproxy Flaw
More than half of the 90,310 hosts with exposed Tinyproxy services are susceptible to CVE-2023-49606, a critical security flaw that threatens remote code execution. This vulnerability, highlighted by Cisco Talos, underscores the urgency for prompt action to safeguard internet infrastructure.
Extent of Vulnerability
The vulnerability, rated 9.8 out of 10 on the CVSS scale, affects…