In recent years, the digital realm has witnessed a relentless evolution in the field of cyber threats. These advancements continually push the boundaries of what we once thought possible in the world of cybersecurity. The latest revelation of the BlastPass… Read More »Zero-click BlastPass: A Stark Reminder
The recently concluded NATO summit in Vilnius, Lithuania, has raised concerns over a potential and highly threatening cyber attack aimed at compromising classified information within the European Space Agency (ESA). This alarming revelation highlights the ongoing challenges faced by organizations… Read More »NATO Summit in Vilnius Concludes Amidst Threat of Severe Cyber Attack
Microsoft Teams, a popular platform for workplace collaboration and communication, has recently been found to contain a critical security vulnerability that poses a significant threat to its users. In a groundbreaking discovery, Jumpsec Labs, a leading cybersecurity firm, has identified… Read More »Critical Security Flaw in Microsoft Teams Allows External Tenants to Introduce Malware
Introduction: In a shocking revelation, researchers have recently discovered a critical security flaw in Gigabyte motherboards that exposes users to potential cyber threats. This backdoor vulnerability, allows unauthorized access to the motherboard firmware, potentially leading to unauthorized control of the… Read More »Uncovering the Gigabyte Motherboard Firmware Backdoor: millions of them were sold
Please find a brief summary of https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/ “CVE-2023-26818: Bypassing TCC with Telegram” discusses a recently discovered vulnerability that allows attackers to bypass the Transparency Consent and Control (TCC) framework using the popular messaging app, Telegram. The vulnerability, designated as CVE-2023-26818,… Read More »CVE-2023-26818: Bypassing TCC with Telegram
A new SLP (Service Location Protocol) vulnerability has been discovered that could allow attackers to take control of devices on a network. The vulnerability, which has been dubbed “SLPPrint,” affects devices running the Service Location Protocol and is considered highly… Read More »x2200 more powerful DDoS attacks with SLP into the wild
Recently, a new type of cyber-attack has been discovered that is taking advantage of Google Cloud Platform (GCP) application infrastructure to create an invisible and unremovable Trojan app on Google accounts. This attack is known as GhostToken and is a… Read More »GhostToken for GCP (Google cloud platform)
Yellow Pages Canada, a leading online directory service, has confirmed a cyber attack that resulted in the theft of its user data. The attack was carried out by the hacking group known as Black Basta, which has claimed responsibility for… Read More »Yellow Pages Canada pwned
A recent hack of the popular communication software 3CX has been attributed to a supply chain attack on a third-party trading software provider. The attack resulted in unauthorized access to 3CX servers and the installation of ransomware on customer devices.… Read More »3CX was pwned using supply chain attack
The International Committee of the Red Cross (ICRC) has confirmed that it was targeted by a cyber attack on June 22, 2022. The attack was detected by the ICRC’s cybersecurity team, which immediately took measures to mitigate the impact of… Read More »Red Cross pwned, 515k personal data accounts