-
CVE-2024-23963 – Alpine Halo9 Bluetooth PBAP Code Execution Vulnerability
CVE ID : CVE-2024-23963 Published : Jan. 31, 2025, 12:15 a.m. | 1 day, 3 hours ago Description : This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this…
-
CVE-2024-23968 – ChargePoint Home Flex Stack Based Buffer Overflow
CVE ID : CVE-2024-23968 Published : Jan. 31, 2025, 12:15 a.m. | 1 day, 3 hours ago Description : This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SrvrToSmSetAutoChnlListMsg function. The issue results from…
-
CVE-2024-23928 – Pioneer DMH-WT7600NEX Certificate Validation Vulnerability
CVE ID : CVE-2024-23928 Published : Jan. 31, 2025, 12:15 a.m. | 1 day, 3 hours ago Description : This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of Pioneer DMH-WT7600NEX devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the telematics functionality, which operates over…
-
Ransomware attacks in 2024 | Kaspersky official blog
The biggest and most high-profile ransomware incidents of 2024, and the consequences for targeted organizations. You may have noticed a slight drop in the amount of coverage of ransomware on our Kaspersky Daily blog in recent years. Sadly, it’s not that ransomware attacks have stopped. Far from it — such incidents are now so commonplace…
-
How the Banshee stealer infects macOS users | Kaspersky official blog
The dangerous Banshee stealer for Macs has learned how to bypass built-in macOS security, and continues to evolve. How to protect yourself? Many macOS users believe their operating system is immune to malware, so they don’t need to take extra security precautions. In reality, it’s far from the truth, and new threats keep popping up.…
-
What scareware is and how to protect yourself | Kaspersky official blog
We explain what scareware is and why it’s dangerous, with tips for guarding against this threat. Imagine: you’re calmly working away on your computer, when suddenly a scary message appears on the screen: “Your computer is infected with viruses! Install an antivirus immediately!” or “Your data is at risk! Clean your system immediately!” Panic? That’s…
-
How Trustwave’s Fusion Platform Analyzes Ransomware Tactics in the Energy Sector: A Comprehensive Overview
Trustwave SpiderLabs has multiple methods and tools available to keep its teams apprised of the tactics, techniques, and procedures (TTPs) threat groups utilize during an attack, but perhaps the most useful is our cloud-native Fusion dashboard. Go to Source
-
Accelerate Your Journey with the Microsoft End Customer Investment Funds (ECIF) Program
As a long-time Microsoft partner, Trustwave is well-positioned to help an organization tap into the Microsoft End Customer Investment Funds (ECIF) Program. Go to Source
-
Inside APT34 (OilRig): Tools, Techniques, and Global Cyber Threats
This blog is the latest in a series that delves into the deep research conducted daily by the Trustwave SpiderLabs team on major threat actor groups currently operating globally. Go to Source
-
TorNet Backdoor Detection: An Ongoing Phishing Email Campaign Uses PureCrypter Malware to Drop Other Payloads
Financially motivated hackers are behind an ongoing malicious campaign targeting Poland and Germany. These phishing attacks aim to deploy multiple payloads, including Agent Tesla, Snake Keylogger, and a novel backdoor dubbed TorNet, which is delivered via PureCrypter malware. Detect TorNet Backdoor A significant rise in phishing campaigns, with a 202% increase in phishing messages over…