Zimbra, a popular email and collaboration platform, has issued a crucial security update to patch a severe vulnerability in its postjournal service. Identified as CVE-2024-45519, this flaw allows unauthenticated attackers to execute arbitrary commands on affected Zimbra installations. The vulnerability was discovered in Zimbra’s post-journal service. Attackers could exploit it to run arbitrary commands without…

Authorities in the UK, US, and Australia have sanctioned sixteen individuals linked to Evil Corp, a group once considered the pinnacle of global cyber threats. This move exposes their connections to the Russian state and other infamous ransomware groups, including LockBit. The National Crime Agency(NCA) also shared the news on Social Platform X. Further Evil…

A recently identified vulnerability in Bluetooth technology, identified as CVE-2020-26558, poses a significant security risk to devices supporting various Bluetooth Core Specifications. This vulnerability, known as “Impersonation in the Passkey Entry Protocol,” affects devices using the Passkey Entry association model in BR/EDR Secure Simple Pairing, Secure Connections Pairing, and LE Secure Connections Pairing. Vulnerability Details…

Law enforcement agencies have identified Russian national Aleksandr Viktorovich Ryzhenkov as a key member of the notorious Evil Corp cybercrime group and a LockBit ransomware affiliate. Ryzhenkov, also known by his alias “Beverley,” has been linked to over 60 LockBit ransomware builds and is believed to have sought to extort at least $100 million from…

XWorm refers to a type of malware that has been analyzed for its obfuscation techniques and potential impacts on systems. While this malware is known for its ability to disguise itself and evade detection which makes it a significant threat in the cybersecurity landscape. NetSkope researchers recently identified a new variant of XWorm that is…

Docker Swarm and Kubernetes are both container orchestration tools, but they serve different use cases.SSH servers can be utilized alongside these orchestration tools to manage and secure remote access to the nodes within the clusters. DataDog security labs researchers have recently identified that hackers are actively exploiting Docker Swarm, Kubernetes, and SSH servers on a…

The 8220 hacker group is known for targeting both Windows and Linux web servers by deploying “crypto-jacking” malware to exploit vulnerabilities. This group reportedly has access to the source code of these OSs, which enhances their ability to carry out attacks via brute force and RCE. Cybersecurity researchers at Sekoia recently discovered that the 8220…

An ongoing fake Google Chrome update effort targeting France has been noticed, which spreads WarmCookie malware via compromised websites. WarmCookie is a Windows malware that is used to obtain system access through phishing operations. It is a two-stage backdoor intended to spread more payloads and examine target networks. It most commonly spreads through phishing efforts…

The Internet, a vast and intricate network of networks, relies on numerous underlying technologies and protocols to function seamlessly. The concept of an autonomous system (AS) is one critical component that enables the Internet to operate efficiently. In networking, an AS is a collection of IP prefixes under a single administrative domain that maintains a…

What do you get when you cross cardboard, deodorant rollers, and a love for retro gaming? A marvel of DIY engineering that brings the arcade classic Puzzle Bobble to life—once again! Do you remember the original Puzzle Bobble aiming mechanism we featured 12 years ago? Now, creator [TomTilly] has returned with a revamped version, blending…