Threat update
A recent Microsoft Outlook client zero-click remote code execution (RCE) vulnerability, CVE-2024-30103, has a CVSS score of 8.8.
A recent Microsoft Outlook client zero-click remote code execution (RCE) vulnerability, CVE-2024-30103, has a CVSS score of 8.8.
Google users have been targeted with a typosquatted attack when searching Advanced IP Scanner. When searching for this free network scanner for Windows, users are served with an exploited version of Advanced IP Scanner that injects a CobaltStrike Beacon into the parent process's address space.
A Veeam Backup Enterprise Manager (VBEM) security vulnerability, CVE-2024-29849, can pose serious risks for organizations. Users are advised to update their VBEM to the latest version immediately.
Palo Alto Networks has recently disclosed a critical zero-day vulnerability, CVE-2024-3400, within its PAN-OS operating system. The flaw, found in the GlobalProtect Gateway, is currently under active exploitation. Additionally, the threat actors behind RedTail cryptocurrency mining malware have added this vulnerability to its exploit arsenal, further intensifying the threat.
ShrinkLocker is a recent ransomware strain that leverages a legitimate Windows encryption feature, BitLocker, to lock victims out of their devices. It shrinks the partition, increasing the impact of the attack.