Hackernews has another story about exploited devices: Archer routers This router the Archer TP link “The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet,” security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with The Hacker News.” As … Read more
2 interesting issues have been uncovered by cybersecurity researchers. Hackernews article: “New ‘Sneaky 2FA’ Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass” Phishing campaigns have been observed sending payment receipt-related emails to entice recipients into opening bogus PDF documents containing QR code that, upon scanning, redirects them to Sneaky 2FA pages. The Phishing … Read more
I think you know the answer to that: United Nations Office on Drugs and Crime has found multiple areas in the world where there is a confluence of criminal gangs with drug trafficking sales, online gambling, and cyber-enabled attacks. And guess what these criminal gangs into drugs, online gambling, and cyberattacks are using to make … Read more
Ivanti Legacy Cloud appliance has a bad vulnerability (remove/ upgrade ASAP) Scammers are posing as Apple care services in github and Google ads (Malware Bytes article)which are fake. Some windows systems were left dangerously unpatched for some time (krebsonsecurity article) Issue1: Unfortunately the obsolete Ivanti appliances must be replaced ASAP – as this is the … Read more
As Hackernews has in its posts: New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems RCE = Remote Code Execution , i.e. the hacker does not need an account on the system to get on the system. This happens to be an old vulnerability (as per AI response): The OpenSSH remote code … Read more