Report

Threat Intel Roundup: Putty, Nexperia, GlobalProtect, Palo Alto

Week in Overview (9 Apr-16 Apr) – 2024. 🚨 Vulnerability of the Week: In a swift response to the emergence of a critical zero-day vulnerability affecting its GlobalProtect VPN product, Palo Alto Networks has released urgent fixes to stem the tide of attacks targeting the flaw. Designated as CVE-2024-3400 and carrying the highest severity score possible,

Threat Intel Roundup: Linux, FishEye, Jia Tan’s, Zer0con


Week in Overview (2 Apr-9 Apr) – 2024. Technical Summary. 🚨 Vulnerability of the Week: A critical vulnerability, CVE-2024-1086, has surfaced, posing a significant threat to Linux systems by enabling local privilege escalation. This exploit has emerged amidst the commotion surrounding the xz backdoor, presenting a stealthy but potent danger. Key points about this exploit: Given

Threat Intel Roundup: XZ, Konni, ALPC, WallEscape


Technical Summary: 5. Android Malware Vultur Expansion; 6. WallEscape Vulnerability in util-linux (CVE-2024-28085); 7. Chaining N-days to Compromise All: Windows Kernel LPE (CVE-2024-XXXX). 🚨 Vulnerability of the Week: On March 29th, 2024, alarming news surfaced in the realm of cybersecurity. Malicious code had infiltrated XZ Utils, a fundamental package in major Linux distributions, unleashing

Threat Intel Roundup: Pwn2Own, MDAV, FakeJami, ColdFusion


Week in Overview (19 Mar-26 Mar) – 2024. Technical Summary: 1. Pwn2Own Vancouver 2024: Pwn2Own Vancouver 2024 showcased the skills of cybersecurity researchers in identifying critical vulnerabilities across various platforms. Notable exploits included privilege escalations on Windows 11, exploits of VMware Workstation and Oracle VirtualBox, and successful remote code execution on web browsers like Mozilla Firefox,
