CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
|
Description: Security researcher Simone Margaritelli has publicly disclosed a critical vulnerability in Apple’s Common UNIX Printing System (CUPS), revealing that the service fails to verify TLS certificates. This flaw allows attackers on the same network to impersonate IPP-over-HTTPS (IPPS) printers and intercept, modify, or redirect print jobs — potentially exposing sensitive data and enabling broader system …
The post Apple’s CUPS Printing System Vulnerable to Spoofing Attacks appeared first on CyberInsider.
January 17th, 2025 (6 months ago)
|
|
|
January 17th, 2025 (6 months ago)
|
|
|
Description: As LLMs broaden access to hacking and diversify attack strategies, understanding the thought processes behind these innovations will be vital for bolstering IT defenses.
January 17th, 2025 (6 months ago)
|
|
|
Description: Microsoft has started the forced rollout of Windows 11 24H2 to eligible, non-managed systems running the Home and Pro editions of Windows 11 22H2 and 23H2. [...]
January 17th, 2025 (6 months ago)
|
|
|
Description: Cybersecurity researchers have disclosed three security flaws in Planet Technology's WGS-804HPT industrial switches that could be chained to achieve pre-authentication remote code execution on susceptible devices.
"These switches are widely used in building and home automation systems for a variety of networking applications," Claroty's Tomer Goldschmidt said in a Thursday report. "An attacker
January 17th, 2025 (6 months ago)
|
|
|
Description: Microsoft Threat Intelligence has uncovered a new spear-phishing campaign by the Russian threat actor Star Blizzard, marking a significant shift in their tactics. The campaign, observed in mid-November 2024, exploits WhatsApp’s account linking feature to gain unauthorized access to messages. This is the first time Star Blizzard has used WhatsApp as an attack vector, following …
The post Star Blizzard Targets WhatsApp Accounts in Tricky QR Code Attack appeared first on CyberInsider.
January 17th, 2025 (6 months ago)
|
|
|
Description: Cybersecurity researchers have exposed a new campaign that targets web servers running PHP-based applications to promote gambling platforms in Indonesia.
"Over the past two months, a significant volume of attacks from Python-based bots has been observed, suggesting a coordinated effort to exploit thousands of web apps," Imperva researcher Daniel Johnston said in an analysis. "These attacks
January 17th, 2025 (6 months ago)
|
|
|
Description: The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) sanctioned two individuals and four entities for their alleged involvement in illicit revenue generation schemes for the Democratic People's Republic of Korea (DPRK) by dispatching IT workers around the world to obtain employment and draw a steady source of income for the regime in violation of international sanctions.
"These
January 17th, 2025 (6 months ago)
|
|
|
Description: Cybersecurity researchers have detailed a new adversary-in-the-middle (AitM) phishing kit that's capable of Microsoft 365 accounts with an aim to steal credentials and two-factor authentication (2FA) codes since at least October 2024.
The nascent phishing kit has been dubbed Sneaky 2FA by French cybersecurity company Sekoia, which detected it in the wild in December. Nearly 100 domains hosting
January 17th, 2025 (6 months ago)
|
|
|
Description: Recent data breaches have highlighted the critical need to improve guest Wi-Fi infrastructure security in modern business environments. Organizations face increasing pressure to protect their networks while providing convenient access to visitors, contractors, temporary staff, and employees with BYOD. Implementing secure guest Wi-Fi infrastructure has become essential for authenticating access,
January 17th, 2025 (6 months ago)
|