Skip to content
Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Aug 06, 2024Ravie LakshmananMobile Security / Vulnerability Google has addressed a high-severity security flaw impacting the Android kernel that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been… 

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

Aug 06, 2024Ravie LakshmananEnterprise Security / Vulnerability A new zero-day pre-authentication remote code execution vulnerability has been disclosed in the Apache OFBiz open-source enterprise resource planning (ERP) system that could allow threat actors to achieve… 

Researchers Uncover Flaws in Windows Smart App Control and SmartScreen

Researchers Uncover Flaws in Windows Smart App Control and SmartScreen

Aug 05, 2024Ravie LakshmananThreat Intelligence / Vulnerability Cybersecurity researchers have uncovered design weaknesses in Microsoft’s Windows Smart App Control and SmartScreen that could enable threat actors to gain initial access to target environments without raising… 

Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks

Kazakh Organizations Targeted by ‘Bloody Wolf’ Cyber Attacks

Aug 05, 2024Ravie LakshmananNetwork Security / Threat Intelligence Organizations in Kazakhstan are the target of a threat activity cluster dubbed Bloody Wolf that delivers a commodity malware called STRRAT (aka Strigoi Master). “The program selling… 

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

Aug 05, 2024Ravie LakshmananNetwork Security / Vulnerability A high-severity security bypass vulnerability has been disclosed in Rockwell Automation ControlLogix 1756 devices that could be exploited to execute common industrial protocol (CIP) programming and configuration commands.… 

New Android Trojan “BlankBot” Targets Turkish Users’ Financial Data

New Android Trojan “BlankBot” Targets Turkish Users’ Financial Data

Aug 05, 2024Ravie LakshmananMobile Security / Financial Security Cybersecurity researchers have discovered a new Android banking trojan called BlankBot targeting Turkish users with an aim to steal financial information. “BlankBot features a range of malicious… 

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

Aug 05, 2024Ravie LakshmananBrowser Security / Windows Security The China-linked threat actor known as Evasive Panda compromised an unnamed internet service provider (ISP) to push malicious software updates to target companies in mid-2023, highlighting a…