advanced persistant threats

Understanding Advanced Persistent Threats

What are Advanced Persistent Threats(APTs)?  Advanced persistent threats (APTs) are a type of cyber attack that poses a serious threat to organizations and individuals alike. In this article, we will delve into ...
A closeup of an iPhone, lying screen down on a table

#iLeakage: All Apple CPUs Vulnerable — No Patch in Sight

Son of Spectre: No fix for iOS, “unstable” workaround for macOS ...
Security Boulevard
webui.conf

Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting

| | Blog, Red Team
Introduction There has been a lot of news around the recent Cisco IOS XE vulnerabilities CVE-2023-20198 and CVE-2023-2073. Information about this vulnerability was first published by Cisco on October 16th, […] The ...
NextGen Mirth Connect Remote Code Execution Vulnerability (CVE-2023-43208)

NextGen Mirth Connect Remote Code Execution Vulnerability (CVE-2023-43208)

| | Blog, Disclosures, Red Team
Mirth Connect, by NextGen HealthCare, is an open source data integration platform widely used by healthcare companies. Versions prior to 4.4.1 are vulnerable to an unauthenticated remote code execution vulnerability, CVE-2023-43208. If ...

LinkedIn Smartlinks Attacks Target Microsoft Accounts

In the ever-evolving landscape of cybersecurity threats, hackers have once again employed a cunning strategy by exploiting LinkedIn’s Smart Links in phishing attacks, aiming to steal Microsoft account credentials. These sophisticated LinkedIn ...
ChatGPT Gemini generative AI

IBM: ChatGPT-Generated Can Write Convincing Phishing Emails

OpenAI’s widely popular ChatGPT can write phishing emails that are almost as convincing as those created by humans and can write them exponentially faster, according to research from IBM that is sure ...
Security Boulevard
VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs

VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs

| | Blog, Red Team
Introduction This report is a follow up to https://www.horizon3.ai/vmware-vrealize-log-insight-vmsa-2023-0001-technical-deep-dive/. Earlier this year we reported the technical details for VMSA-2023-0001 affecting VMware Aria Operations for Logs (formerly VMware vRealize Log Insight). […] The ...
ķ≠k

KeePass Malicious Ads: Google Goof Permits Punycode Attacks Again

Mote below k: Not only malvertising, but also “verified by Google.” ...
Security Boulevard