Description: Researchers from Bitsight and Curesec have published an article detailing their joint discovery of a new high-severity vulnerability affecting the Service Location Protocol (SLP), which is…
Description: Researchers at Sucuri have published a blog detailing their recent observations of attackers using an outdated and insecure WordPress plugin to create a backdoor into compromised…
Description: The National Cyber Security Centre (NCSC), alongside the US National Security Agency, has released a joint advisory detailing the tactics and techniques used by a Russian…
Description Cyble Research & Intelligence Labs (CRIL) has posted an article raising awareness of a new Android Trojan, ‘Chameleon’, which has been active since the beginning of…
Affected Systems: Google Chrome/Chromium Web Browser (Windows, Mac and Linux) Description: On the 4th of April, a Google Threat Analysis Group (TAG) member discovered a Zero-Day…
What is a Self-Extracting Archive? SFXs are a method of compressing files that, when opened, will extract the file’s contents automatically. They’re often used legitimately…
Description: 3CX, a software-based communication system for businesses, recently fell victim to a malware attack potentially affecting 600,000 clients. The malware attack has targeted both…
We understand from a Crowdstrike report that on March 29, 2023, malicious activity was observed emanating from a legitimate, signed binary, 3CXDesktopApp — a softphone application from…
Microsoft’s March 2023 Patch Tuesday includes a fix for a privilege elevation vulnerability that has been seen actively exploited and affects all supported versions of Microsoft Outlook…