Alerts – Cyber Labs

Google Address Critical Flaws in Android

Google, a leading technology giant, has once again demonstrated its commitment to user security by releasing...

July 11th, 2023

Fortigate still unpatched for RCE Vulnerability

No less than 330,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical...

July 5th, 2023

The Surge of 8Base Ransomware Group

Ransomware attacks have become increasingly sophisticated and damaging, causing significant financial...

June 29th, 2023

Microsoft Release Optional Fix for Vulnerability

In a recent update, Microsoft has released an optional fix to address a kernel information disclosure...

June 15th, 2023

Apple Fixes Bug Allowing Bypass of SIP Root Restrictions

In recent findings, researchers from Microsoft have identified a critical vulnerability, labeled CVE-2023-32369...

June 1st, 2023

Google launches bug bounty program

Google has recently unveiled the Mobile Vulnerability Rewards Program (Mobile VRP), a new bug bounty...

May 24th, 2023

‘Security Incident’ in Twitter Circle

Twitter introduce Twitter Circle in August 2022. This allows users to send tweets to a selected set of...

May 9th, 2023

ChatGPT is Back in Italy after ban

Following the company's compliance with regulatory requirements, OpenAI announced that access to its...

May 2nd, 2023

VMware patches critical product vulnerabilities

In order to address significant security flaws in the VMware Aria Operations for Logs (previously vRealize...

April 25th, 2023

Emergency Update from Google Chrome

You must immediately check your browser after Google issued an urgent Chrome warning! Every Chrome user...

April 18th, 2023

Apple updates fix security vulnerabilities

A significant iOS security update from Apple has been released to address two zero-day flaws that are...

April 11th, 2023

3CX desktop app faces supply chain attack

According to experts from various cybersecurity firms, a threat actor is currently actively using a compromised...

April 4th, 2023

Twitter takes down leaked source code

Apparently, the source code for Twitter was posted online. According to the lawsuit, the business took...

March 28th, 2023

Ferrari Reveals Cyber Incident

Following a ransom demand received after attackers obtained access to certain of the company's IT systems,...

March 21st, 2023

POC released for critical Microsoft Word bug

Security researcher Joshua Drake has found an exploit in Microsoft Word and published a proof-of-concept...

March 14th, 2023

Chinese hackers adopt a new customized backdoor

As part of an ongoing social engineering campaign that started in January 2023, the China-aligned Mustang...

March 7th, 2023

Fortinet fixes vulnerabilities in FortiNAC and FortiWeb

FortiNAC and FortiWeb products were affected by two severe issues, which led Footinet to post 40 security...

February 28th, 2023

GoDaddy Discloses Multi-Year Security Breach

GoDaddy has discovered a significant, multi-year security flaw that gave hackers access to the company's...

February 20th, 2023

Apple releases fix WebKit zero-day vulnerability

Apple on 13th February 2023, released a fix for zero-day vulnerability in iPads, Macs and iPhones. The...

February 14th, 2023

Broken Authentication vulnerability in Jira Service Management

Jira Service Management Server and Data Center had serious security flaws that have been fixed by Atlassian....

February 7th, 2023

Microsoft advises administrators to patch Exchange servers

Microsoft advises users to maintain their Exchange servers' security updates as well as take precautions...

January 31st, 2023

GoTo Suffers a Data Breach

Owner of LastPass, GoTo confirms that backups belonging to customers were stolen by hackers. The organization,...

January 26th, 2023

Thousands of Norton LifeLock customer accounts breached

Thousands NortonLifeLock customer accounts have been compromised. The parent firm of Norton LifeLock,...

January 19th, 2023

Toyota reports a data breach

A widespread cyberattack on Toyota has revealed several customers' private information. Toyota confirmed...

January 10th, 2023

Twitter database leaks with 235 Million records

On a well-known hacker site, a data dump containing the email addresses of 235 million Twitter users...

January 5th, 2023

Facebook will pay $725 million to resolve the Cambridge Analytica data leak lawsuit

Facebook's parent company, Meta, has agreed to pay £600 million to resolve a lawsuit involving a data...

December 29th, 2022

Microsoft fixes 2 zero-days on December 2022 Patch Tuesday

On 13th December 2022 was the December Patch Tuesday, and 2 zero-day vulnerabilities and 49 flaws were...

December 14th, 2022

Flaws in Cisco Secure Email Gateway

Cisco Systems Inc. has issued a bug report on alerting the public about a flaw in the Sophos and McAfee...

December 6th, 2022

Google releases an urgent Chrome upgrade

In order to patch the eight zero-day vulnerabilities in its Chrome web browser, Google released software...

November 29th, 2022

Active Exploitations in Cisco AnyConnect VPN Vulnerabilities

Threat actors are reportedly using the Cisco AnyConnect Secure Mobility Client for Windows' vulnerabilities,...

November 24th, 2022

Multiple vulnerabilities in Fortinet products

Security researchers at Horizon3 reported on 13th October 2022, that the critical vulnerability, designated...

November 15th, 2022

Vulnerabilities in Abode Systems home security kit

The iota All-In-One Security Kit from Abode Systems Inc. was found to have numerous vulnerabilities....

November 3rd, 2022

vm2 Sandbox Vulnerability allows RCE

Recently, it was discovered that VM2, a widely used JavaScript sandbox library, contained the "Sandbreak"...

October 18th, 2022

Zero-Day RCE Vulnerability in Sophos Firewall

Sophos Group plc the British based security software and hardware company released a security advisory...

October 4th, 2022

Apple Vulnerabilities added to CISA Catalog

US Cybersecurity and Infrastructure Security Agency (CISA) released an advisory a security update of...

September 27th, 2022

VMware Patches Privilege Escalation affecting VMware Tools

VMware published a security advisory addressing an important-severity vulnerability on August 23, 2022....

September 13th, 2022

Google Patch Sixth Zero-day

Google issued a critical security update for Google Chrome version 105.0.5195.102 for Windows, Mac, and...

September 8th, 2022

Multiple Vulnerabilities in GitLab CE and EE are Fixed by GitLab

GitLab published a security advisory on August 30, 2022, to remedy a critical security flaw that has...

September 6th, 2022

Critical Vulnerability in Realtek Devices Affects Millions of Devices

A critical vulnerability tracked as CVE-2022-27255 was reported to be affecting the network devices of...

August 29th, 2022

Apple releases fix zero-day vulnerabilities used in attacks

On 18th August 2022 Apple Inc. released a security update for a zero-day vulnerability exploited in Safari...

August 26th, 2022

Microsoft August 2022 Patch Tuesday

Microsoft August 2022 Patch Tuesday (9th August 2022) released patches for 2 zero-day vulnerabilities...

August 10th, 2022

Django release patches for SQL Injection Vulnerability

A security advisory was released by Django project on a high severity SQL (structured query language...

August 2nd, 2022

VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)

VMware finally released patch after eight months of disclosing the high severity vulnerability in VMware...

August 1st, 2022

CISA urges users to update necessary patches in Cisco Products

On 22nd July 2022, the US Cybersecurity and Infrastructure Security Agency (CISA) released an advisory...

July 25th, 2022

Critical Vulnerability in Confluence Server and Data center

Atlassian disclosed a critical vulnerability tracked as CVE-2022-26134 on 2nd June 2022. This is a Critical...

July 22nd, 2022

Google Patches Zero – day Vulnerability in Chrome

Google on last Monday 4th July 2022 released an emergency chrome update to fix a high severity zero –...

July 11th, 2022

Amazon has Fixed a High Severity Vulnerability in Amazon Photos Android App

On 28th June 2022, Checkmarx has reported that Amazon Inc’s Amazon Photos Android app has a high-severity...

July 5th, 2022

CISA urges organizations to update Firefox, Firefox ESR, and Thunderbird

On 28th June 2022, The Mozilla Foundation has released patch to fix multiple vulnerabilities in Firefox,...

July 4th, 2022

Ransomware Exploiting Mitel VOIP Zero-Day

On June 23rd 2022 Crowdstrike released a report mentioning about a zero-day exploit tracked as CVE-2022-29499...

June 27th, 2022

Adobe patched 46 Security Flaws in a Wide Range of Enterprise-facing Software Products

On Patch Tuesday release for June, Adobe released multiple security advisories to address 46 vulnerabilities...

June 20th, 2022

Massive DDoS attack mitigated

Internet infrastructure organization Cloudflare stated that they mitigated a record breaking 26 million...

June 16th, 2022

Apple blocks many Applications from defrauding Users

It has been stated by Apple Inc that over the course of last week that more than 343,000 iOS apps were...

June 7th, 2022

Follina-A severe Zero-Day Code Execution Vulnerability

May of 2022, Microsoft disclosed a remote code execution (RCE) vulnerability in the Microsoft Support...

June 2nd, 2022

Critical bugs in Android apps from major Mobile providers

Security researchers at Microsoft have detected high severity vulnerabilities in a framework used by...

June 1st, 2022

Verizon suffers Ransomware Attack

A database was stolen from Verizon was stolen by an attacker, that includes full name, email address,...

May 30th, 2022

A Malware through documents

According to threat analysts it has been found a recent malware circulation campaign using PDF attachments...

May 23rd, 2022

Eternity Malware-as-a-Service

It has been found that cybercriminals are now promoting a new modular, malware-as-a-service offering...

May 14th, 2022

Xbox goes down

It was reported by Microsoft that Xbox Live services are currently down in a major outage, impacting...

May 9th, 2022

A threat to Twitter verified account owners

Phishing scams as we all know continue to target verified account owners on social media platforms, recently...

May 5th, 2022

Black Basta in Action

A brand new ransomware gang known as Black Basta has swiftly catapulted in to action in the month of...

April 28th, 2022

When mute is really not MUTED?

According to a new study and research it has been found that pressing the mute button on some of the...

April 18th, 2022

What if you’re being watched without your knowledge?

A vulnerability/flaw in the 'Wyze' camera lets hackers watch your saved content! A vulnerability in...

March 30th, 2022

Lapsus$ attacks again, This time it’s Microsoft

It was confirmed by Microsoft that one of their employee's accounts had been compromised by Lapsus$ hacking...

March 24th, 2022

‘GhostCringe’ Malware threatening Microsoft SQL and MySQL servers

Threat actors target poorly secured Microsoft SQL and MySQL database servers to execute GhostCringe remote...

March 17th, 2022

Malicious File being distributed via YouTube

YouTube being used to distribute Malwares? It was recently discovered by the SEC analysis team that...

March 14th, 2022

Hackers have Samsung Source Code

Samsung Confirms threat actors have stolen their devices source code! It was confirmed on Monday by...

March 8th, 2022

‘AON’ Insurance Giant struck by a Cyberattack during the Weekend

What is AON? Professional services and insurance giant AON suffered a cyberattack that impacted a...

March 1st, 2022

Monzo Online-Banking Customers at risk of being ‘Phished’

Monzo Online-Banking Users targeted by Phishing Attacks! One of UK's most popular digital-only banking...

February 22nd, 2022

Cybersecurity & Infrastructure Agency Orders Federal Agencies to mend actively exploited Windows bug

The Cybersecurity and Infrastructure Security Agency most commonly known as 'CISA' has instructed federal...

February 11th, 2022

Apache Log4j Vulnerability

What is Log4j Vulnerability? Log4j is Apache developed logging tool used in many java-based applications....

December 20th, 2021

Kali Linux Release 2021.4

Kali Linux released its newest version 2021.4 which includes nine new tools and features. Kali Linux...

December 10th, 2021

Google announced to have disrupted the Glupteba botnet

On 7th Dec 2021 google announced that they have stopped botnet Gluteba, a botnet that has spread malware...

December 9th, 2021

Microsoft seized domains used by the APT15 Chinese cyberespionage group

On 6th December 2021 Microsoft seized malicious sites used by the APT15 (also known as Nickel, KE3CHANG,...

December 8th, 2021

SPAR stores switched to cash only after suspected cyberattack

International Supermarket franchise SPAR which operates around 13,00 stores in more than 45 countries...

December 7th, 2021

An authentication bypass vulnerability in Zoho’s ManageEngine is being exploited in the wild

On 3rd December 2021 Manage Engine released a security update on the vulnerability tracked as CVE-2021-44515....

December 6th, 2021

Mozilla Fix a Security Flaw in Network Security Services Cryptography Library

On 1st December 2021, Mozilla release a Security Advisor addressing the Critical vulnerability affecting...

December 3rd, 2021

RTF injection technique is used by APT group in recent phishing attacks

Three State sponsored threat actors from China, India and Russia is using a new novel RTF (Rich Text...

December 2nd, 2021

Android Banking Trojan Campaigns Infected Over 300,000 Users

ThreatFabric researchers has discovered a malware campaign that distribute android trojans that spread...

December 1st, 2021

Panasonic disclosed a security breach

Panasonic the Japanese multinational conglomerate disclosed a security breach after threat actors gained...

November 30th, 2021

IKEA faces a cyberattack

Security news platform Bleeping Computer reported on 26th November 2021 that IKEA is facing a cyber-attack...

November 29th, 2021

Warnings about Scammers targeting people for Black Friday

Black Friday sales has arrived, and phishing attackers and online-shopping scams are using big brands...

November 26th, 2021

Apple sues NSO Group for using Pegasus spyware on iPhone Users

On 23rd November 2021, Apple sue NSO Group and its parent company Q Cyber Technologies in a U.S. federal...

November 25th, 2021

Android Info Stealing trojan has infected more than 9 million Android Devices

A Malware Trojan name Android.Cynos.7. origin has been found in 190 games on Huawei’s AppGallery. It’s...

November 24th, 2021

GoDaddy data breach has affect 1.2 million customers

On 22nd November 2021 GoDaddy published a data breach notification stating that 1.2 million customer...

November 23rd, 2021

Most Commonly used Passwords in 2021

According to the Analysis done by NordPass taking data dumps which has been published online it was found...

November 22nd, 2021

New phishing campaign targeting Tiktok influencers Accounts

Tiktok accounts belongs to influencers, influencers management firms, brand consultants, social production...

November 19th, 2021

Fake Ransomware attacks on WordPress sites

Around 300 hacked WordPress sites showed a fake encryption notice demanding a 0.1 bitcoin ransom. This...

November 17th, 2021

Millions of IoT and routers with more than 30 exploits are targeted by BotenaGo Malware

Malware written in the go language has been discovered that puts millions of NAS, routers, and Internet...

November 16th, 2021

Hacked FBI Email Server has sent out fake cyberattack warnings

Federal Bureau of Investigation (FBI) email server was used to send around ten thousand of fake emails...

November 15th, 2021

91% Baiting email attacks are done using Gmail accounts

Summary A Bait attack is kind of a phishing attack where the attackers try to gather information about...

November 12th, 2021

Netflix, Instagram, and Twitter users are being targeted by a new Android Malware

MasterFred a new android malware is using fake login overlays to steal credit card information from Instagram,...

November 11th, 2021

Microsoft fixes 6 zero-days on November 2021 Patch Tuesday

9th October 2021 is the patch Tuesday, and it was fix 6 zero-day vulnerabilities where 2 of them are...

November 10th, 2021

Reward of $10 million for information on DarkSide Ransomware group

Summary The US State Department said in a Press Release on 4th Nov 2021 that they are offering a reward...

November 8th, 2021

Cisco release updates fixing the default SSH key and hard-coded credentials issues

On 4th Nov 2021, two critical vulnerabilities that allowed unauthenticated attackers to log in to affected...

November 5th, 2021

Facebook shut down its Face Recognition system and delete 1 billion faceprints

Summary On 2nd Nov 2021 Facebook Company now rebranded as Meta published and announcement saying that...

November 4th, 2021

Unauthenticated Remote code Execution in GitLabs is exploited in wild

Summary CVE-2021-22205 is a critical remote code execution vulnerability in the service’s web interface....

November 3rd, 2021

Kaspersky Emails are seen in recent office 365 phishing campaign

Summary On 1st November 2021 Kaspersky release and advisory mentioning that their experts were able...

November 2nd, 2021

Chaos ransomware lures Minecraft gamers via fake alt lists

Summary Minecraft is a popular game which has been popular for continuously 12 years now, where around...

November 1st, 2021

A Flaw in OptinMonster plugin has affected over 1 million WordPress Sites

Summary This security flaw in OptinMonster plugin were first discovered by Wordfence on 28th September...

October 29th, 2021

Cyberattack in Iran temporarily disrupts gas stations

Summary On 26th Oct 2021, National Iranian Oil Products Distribution Company (NIOPDC) gas stations...

October 28th, 2021