Victim: IntelBroker | IntelBroker
Price: Not disclosed
Data: Email addresses, IP addresses, operational tactics
Keypoints :
Cybercriminal Profile: IntelBroker is a prominent figure in the cybercrime landscape, known for high-profile data breaches and ransomware attacks.
Notable Breaches: His portfolio includes breaches of major entities like AMD, Europol, and Cisco.…
Read More
Tag: PRIVILEGE
Fortinet has issued a critical advisory for a severe authentication bypass vulnerability (CVE-2024-55591) affecting its FortiOS and FortiProxy products, enabling attackers to gain super-admin privileges. This flaw is actively exploited and has a high CVSSv3 score of 9.6. Organizations are urged to upgrade their systems immediately to mitigate risks.…
Read More
Summary: Security researcher MrAle_98 has disclosed a proof-of-concept exploit for a zero-day vulnerability, CVE-2024-49138, affecting the Windows Common Log File System (CLFS) Driver. This elevation of privilege flaw, with a CVSS score of 7.8, allows attackers to gain SYSTEM privileges on affected devices. Microsoft confirmed that the vulnerability was actively exploited before a patch was released, emphasizing the urgency for users to update their systems.…
Read More
Summary: Kaspersky has revealed multiple vulnerabilities in the Mercedes-Benz User Experience (MBUX) infotainment system, which can potentially be exploited for various attacks. The carmaker has confirmed that these vulnerabilities have been patched and are difficult to exploit, requiring physical access to the vehicle. Mercedes-Benz emphasizes the importance of security and encourages researchers to report any findings through their vulnerability disclosure program.…
Read More
A series of critical vulnerabilities have been reported across various platforms, including Aviatrix Controller and Microsoft 365 applications, leading to significant security risks such as unauthorized access and data breaches. Additionally, a new phishing tactic targeting Apple iMessage users and a malicious PyPi package aimed at Discord developers have emerged, highlighting the evolving threat landscape.…
Read More
Cyble Research and Intelligence Labs (CRIL) has uncovered a cyberattack targeting organizations in Germany, utilizing a deceptive LNK file within an archive to execute a malicious payload known as Sliver. The attack employs DLL sideloading and proxying techniques to maintain stealth and control over the infected systems.…
Read More
Summary: NVIDIA has issued a security update to fix multiple vulnerabilities in its Container Toolkit and GPU Operator software, which could allow attackers to execute malicious code and escalate privileges. The most critical vulnerability, CVE-2024-0135, enables a specially crafted container image to alter a host binary, leading to severe security risks.…
Read More
Silverfort has uncovered a significant misconfiguration in Active Directory Group Policy that allows NTLMv1 authentications to persist despite attempts to disable it. This flaw poses a security risk for organizations using on-prem applications, as attackers can exploit this vulnerability to gain unauthorized access. Affected: Active Directory, NTLMv1
Read More
Keypoints :
Silverfort’s research reveals a misconfiguration in Group Policy that allows NTLMv1 authentications to continue.…
On January 14, 2025, multiple vulnerabilities were discovered in the rsync utility, with CVE-2024-12084 being the most critical as it allows for remote code execution. This article discusses detection and mitigation strategies for this vulnerability. Affected: rsync
Read More
Keypoints :
Six vulnerabilities were announced affecting the rsync utility.…
Key vulnerabilities in major platforms such as SAP, Microsoft, and Fortinet have been identified, necessitating immediate attention due to active exploitation by threat actors. The vulnerabilities include privilege escalation, unauthorized access, and critical flaws in widely used applications. Affected: SAP, Microsoft, Fortinet
Read More
Keypoints :
Cyble Research and Intelligence Labs (CRIL) analyzed vulnerabilities disclosed between January 8 and 14, 2025.…
This week’s cybersecurity newsletter highlights critical vulnerabilities in Fortinet and BeyondTrust products, the exploitation of multiple zero-day flaws by Microsoft, and emerging ransomware tactics targeting AWS. Additionally, it discusses a significant data breach at Stiiizy, the impact of healthcare data breaches in the US, and various government responses to cyber threats.…
Read More
This report presents the findings of a study on the Mercedes-Benz User Experience (MBUX) infotainment system, focusing on vulnerabilities and diagnostic subsystems that were not previously addressed. The research highlights various attack vectors, including USB and inter-process communication protocols, and identifies several critical vulnerabilities. Affected: Mercedes-Benz MBUX, automotive sector
Read More
Keypoints :
The study analyzes the first-generation MBUX system, emphasizing its architecture and diagnostic capabilities.…
This article discusses various cookies used on websites to collect anonymous data about user visits, including the number of visits, time spent, and pages loaded. These cookies serve purposes such as targeted advertising and user segmentation for marketing. Affected: websites, advertising platforms
Read More
Keypoints :
Cookies collect anonymous data related to user visits on websites.…
Summary: A critical-severity vulnerability (CVE-2024-49375) has been discovered in the Rasa framework, allowing attackers to achieve Remote Code Execution (RCE) through malicious model loading. This flaw affects both Rasa Pro and Rasa Open Source, with a CVSS score of 9.1, and is exploitable in scenarios with or without authentication.…
Read More
This report details the vulnerabilities discovered in the Mercedes-Benz User Experience (MBUX) infotainment system, particularly focusing on the first generation of MBUX subsystems. The research highlights the importance of diagnostic software, the architecture of MBUX, and the various attack vectors identified during testing. Affected: Mercedes-Benz MBUX
Read More
Keypoints :
Research focused on the first generation of MBUX infotainment system.…
A series of sophisticated cyberattacks targeting organizations in Chinese-speaking regions have been identified, utilizing a multi-stage loader called PNGPlug to deliver the ValleyRAT malware. The attacks begin with phishing tactics, leading to the installation of a malicious MSI package that deploys the malware while maintaining a facade of legitimacy.…
Read More
Summary: Recent data breaches have underscored the urgent need for enhanced security in guest Wi-Fi infrastructures across organizations. As businesses strive to balance network protection with convenient access for guests and employees, implementing secure guest Wi-Fi solutions has become essential. The integration of zero-trust architecture with cloud-based captive portals offers a robust framework for safeguarding sensitive data while ensuring compliance and operational continuity.…
Read More
Ivanti has issued a security advisory regarding two critical vulnerabilities (CVE-2025-0282 and CVE-2025-0283) affecting its Connect Secure, Policy Secure, and ZTA gateway products. CVE-2025-0282 allows remote code execution by unauthenticated attackers, while CVE-2025-0283 enables local privilege escalation for authenticated users. The article discusses observed attacks exploiting CVE-2025-0282, detailing attack phases and tools used.…
Read More
Summary: Vulnerabilities in the SimpleHelp remote access software can be easily exploited, allowing attackers to compromise both server and client machines. Key issues include a path traversal vulnerability and improper privilege escalation, which could lead to unauthorized access and remote code execution. SimpleHelp has released patches to address these vulnerabilities, urging users to update their installations promptly.…
Read More
Endpoint Detection and Response (EDR) solutions are crucial for modern cybersecurity, enabling quick threat detection and response through extensive telemetry. However, attackers utilize various evasion techniques to bypass these systems, exploiting vulnerabilities in EDR architecture and Windows core files. This guide provides insights into EDR monitoring, evasion methods, and defensive strategies.…
Read More