Information Security
Suspected nation-state actors have employed up to five distinct malware families in their post-exploitation endeavors, exploiting two zero-day vulnerabilities found in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. The threat intelligence firm Mandiant, owned by Google, has…
Read more
Cisco has responded swiftly to a critical security vulnerability impacting Unity Connection by releasing essential software updates. Identified as CVE-2024-20272 with a CVSS score of 7.3, this vulnerability exposes an arbitrary file upload flaw in the web-based management interface. The…
Read more
In a groundbreaking revelation, security researchers have meticulously outlined a fresh iteration of a dynamic link library (DLL) search order hijacking technique, showcasing its potential to serve as a clandestine avenue for threat actors to circumvent security protocols and achieve…
Read more