Vulnerabilities
- 20,275 VMware ESXi Vulnerable Instances Exposed, Microsoft Warns of Massive Exploitation
- HPE Critical 3PAR Processor Flaw Let Remote Attackers Bypass Authentication
- Cisco Smart Software Manager Flaw Let Attackers Change Any User Passwords
- Progress Telerik Report Server Vulnerability Allows RCE Attacks
- RaspAP Flaw Let Hackers Escalate Privileges with Raspberry Pi Devices
- Cisco Patches the Products Impacted by RADIUS Protocol Vulnerability
- WhatsApp for Windows lets Python, PHP scripts execute with no warning
- Acronis warns of Cyber Infrastructure default password abused in attacks
- OpenStack Nova Vulnerability Allows Hackers Gain Unauthorized Access to Cloud Servers
- GitLab Patched XSS Vulnerability that Lets Attackers to Execute Arbitrary Code
- Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins
- BIND DNS Vulnerability Lets Attackers Flood Server With DNS Messages
- BlueStacks Emulator For Windows Flaw Exposes Millions Of Gamers To Attack
- Telegram App Flaw Exploited to Spread Malware Hidden in Videos
- Google Chrome 127 Released With Fix for Vulnerabilities that Lead to Browser Crash
- Multiple Vulnerabilities Found In XenForo Internet Forum Solution
- Cisco VPN Routers Flaw Let Attackers Execute Remote Code
- Critical Splunk Vulnerability Exploited Using Crafted GET Commands
- Oracle WebLogic Server Vulnerability Allows Complete Server Take Over
- Critical Apache HTTP Server Vulnerabilities Expose Millions of Websites to Cyber Attack
- New MOVEit File Transfer Vulnerability Let Attackers Escalate Privileges
TTP
- Fake CrowdStrike repair manual pushes new infostealer malware
- Fraud ring pushes 600+ fake web shops via Facebook ads
- Massive SMS stealer campaign infects Android devices in 113 countries
- Don’t Let Your Domain Name Become a “Sitting Duck”
Breaches
- UK govt links 2021 Electoral Commission breach to Exchange server
- World leading silver producer Fresnillo discloses cyberattack
- HealthEquity Data Breach, 4.3 Million User Data Exposed
- ubook Suffered Data Breach, 710,000 Users’ Data Exposed
Note worthy
- CrowdStrike Releases Fix for Updates Causing Windows to Enter BSOD Loop
- 8.5 Million Windows Systems Hit by CrowdStrike Faulty Update – Microsoft Says!
- Microsoft confirms CrowdStrike update also hit Windows 365 PCs
- KnowBe4 Hired Fake North Korean IT Worker, Catches While Installing Malware
- Microsoft says massive Azure outage was caused by DDoS attack
Miscellaneous
Stream Link
https://youtube.com/live/YtljEzq8yQw?list=PLSJyoFloAkDo93fi_o0WJD9-gJzfpWizG