The Information Highway

The Information Highway

7-Zip vulnerability

Threat-Advisory-Banner3

Threat update

A security vulnerability in 7-Zip allows remote attackers to bypass defenses and execute malicious code via specially crafted archives. Read this Cybersecurity Threat Advisory to learn how to mitigate your risk from this new threat. 

Continue reading
  105 Hits

Apache fixes critical OFBiz remote code execution vulnerability

apache-header-image

Apache has fixed a critical security vulnerability in its open-source OFBiz (Open For Business) software, which could allow attackers to execute arbitrary code on vulnerable Linux and Windows servers.

Continue reading
  303 Hits

Google tags a tenth Chrome zero-day as exploited this year

Google_Chrome

Today, Google revealed that it patched the tenth zero-day exploited in the wild in 2024 by attackers or security researchers during hacking contests.

Continue reading
  323 Hits

ASUS warns of critical remote authentication bypass on 7 routers

asus

ASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices.

Continue reading
  481 Hits

CISA tags Microsoft SharePoint RCE bug as actively exploited

SharePoint

CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks.

Continue reading
  1757 Hits

Windows cryptomining attacks target graphic designer's high-powered GPUs

graphics-card

Cybercriminals are leveraging a legitimate Windows tool called 'Advanced Installer' to infect the computers of graphic designers with cryptocurrency miners. 

Continue reading
  908 Hits

LinkedIn accounts hacked in widespread hijacking campaign

hacker-holding-linkedin

LinkedIn is being targeted in a wave of account hacks resulting in many accounts being locked out for security reasons or ultimately hijacked by attackers. 

Continue reading
  1206 Hits

Dell Compellent hardcoded key exposes VMware vCenter admin creds

cyber-ke_20230814-034646_1

An unfixed hardcoded encryption key flaw in Dell's Compellent Integration Tools for VMware (CITV) allows attackers to decrypt stored vCenter admin credentials and retrieve the cleartext password. 

Continue reading
  1190 Hits

Lazarus hackers linked to $60 million Alphapo cryptocurrency heist

cryptocurrency-assorted

Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the attackers stole almost $60 million in crypto. 

Continue reading
  1016 Hits

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023