/* * This file is part of the Symfony package. * * (c) Fabien Potencier * * For the full copyright and license information, please view the LICENSE * file that was distributed with this source code. */ namespace Symfony\Component\String; if (!\function_exists(u::class)) { function u(?string $string = ''): UnicodeString { return new UnicodeString($string ?? ''); } } if (!\function_exists(b::class)) { function b(?string $string = ''): ByteString { return new ByteString($string ?? ''); } } if (!\function_exists(s::class)) { /** * @return UnicodeString|ByteString */ function s(?string $string = ''): AbstractString { $string = $string ?? ''; return preg_match('//u', $string) ? new UnicodeString($string) : new ByteString($string); } } VPN – OWASP Jakarta

VPN

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps Cybersecurity researchers have flagged a new malware called PLAYFULGHOST that comes with a wide range of information-gathering features like keylogging, screen capture, audio capture, remote shell, and file transfer/execution. The backdoor, according to Google’s Managed Defense team, shares functional Read more…

By adminowasp, ago

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Exposing the Rogue Cyberheaven Compromised Chrome VPN Extensions Ecosystem

Dancho Danchev’s Blog – Mind Streams of Information Security Knowledge: Exposing the Rogue Cyberheaven Compromised Chrome VPN Extensions Ecosystem Here we go. It appears that the individuals behind the successful compromise of the Cyberheaven VPN Chrome extensions are currently busy or at least have several other upcoming and in the Read more…

By adminowasp, ago
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation

New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation

New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim’s network traffic by just being on the same local network. The “decloaking” method has been assigned the CVE identifier CVE-2024-3661 (CVSS score: 7.6). It impacts Read more…

By adminowasp, ago
Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.WOOLTEA, PITSTOP, PITDOG, PITJET, Read more…

By adminowasp, ago
Ivanti VPN Products

Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation

Recent SSRF Flaw in Ivanti VPN Products Undergoes Mass Exploitation Feb 06, 2024NewsroomCybersecurity / Vulnerability A recently disclosed server-side request forgery (SSRF) vulnerability impacting Ivanti Connect Secure and Policy Secure products has come under mass exploitation. The Shadowserver Foundation said it observed exploitation attempts originating from more than 170 unique Read more…

By adminowasp, ago