Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence Read more…
Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances. The critical Read more…
Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks Oct 09, 2024Ravie LakshmananEnterprise Security / Identity Theft Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense Read more…
Unpumper – Tool That Can Be Used To Trim Useless Things From A PE File Such As The Things A File Pumper Would Add file-unpumper is a powerful command-line utility designed to clean and analyze Portable Executable (PE) files. It provides a range of features to help developers and security Read more…
DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign Jul 12, 2024NewsroomMalware / Cyber Attack Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections. Palo Alto Networks Unit 42 said the activity spanned the months of March and April Read more…
Achieve security compliance with Wazuh File Integrity Monitoring File Integrity Monitoring (FIM) is an IT security control that monitors and detects file changes in computer systems. It helps organizations audit important files and system configurations by routinely scanning and verifying their integrity. Most information security standards mandate the use of Read more…
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw Several popular Android applications available in Google Play Store are susceptible to a path traversal-affiliated vulnerability that could be exploited by a malicious app to overwrite arbitrary files in the vulnerable app’s home directory. “The implications of this vulnerability pattern include arbitrary Read more…
Google Open Sources Magika: AI-Powered File Identification Tool Google has announced that it’s open-sourcing Magika, an artificial intelligence (AI)-powered tool to identify file types, to help defenders accurately detect binary and textual file types. “Magika outperforms conventional file identification methods providing an overall 30% accuracy boost and up to 95% higher Read more…
URGENT: Upgrade GitLab – Critical Workspace Creation Flaw Allows File Overwrite Jan 30, 2024NewsroomDevSecOps / Vulnerability GitLab once again released fixes to address a critical security flaw in its Community Edition (CE) and Enterprise Edition (EE) that could be exploited to write arbitrary files while creating a workspace. Tracked as Read more…
Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows Jan 15, 2024NewsroomVulnerability / Browser Security Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating Read more…