Cyber Security
ManageEngine Password Manager Pro Multiple Vulnerabilities
Meta Addresses Password Reset Vulnerability That Could Lead to Facebook Account Hijacking
Researcher Samip Aryal has uncovered a vulnerability in Facebook’s account takeover process that exists within the password reset flow. This vulnerability is related to specific endpoint traffic rate limiting, allowing attackers the opportunity to exploit dynamic passwords through brute force…
Microsoft Fixes Windows Kernel Bug Exploited as Zero-Day Since August
Microsoft has recently patched a critical privilege escalation vulnerability in the Windows Kernel that was actively exploited as a zero-day for six months. Tracked as CVE-2024-21338, the flaw was discovered by Jan Vojtěšek, a Senior Malware Researcher at Avast, in…
Epic Games Denies Hacking Claims by Mogilevich Gang, Cites “Zero Evidence
Epic Games has responded to claims made by the Mogilevich extortion group, stating that they have found no evidence of a cyberattack or data theft on their servers. In a statement to BleepingComputer, Epic Games said, “We are currently investigating,…
Hacker Groups Exploit Critical ScreenConnect Vulnerability, Black Basta and Bl00dy Identified as Perpetrators
On February 20, cybersecurity provider ConnectWise disclosed high-risk vulnerabilities CVE-2024-1708 and CVE-2024-1709 (collectively known as SlashAndGrab) in its remote desktop connection system, ScreenConnect. The ransomware group LockBit immediately leveraged these vulnerabilities to target clinics, veterinary hospitals, and local government systems…