Category: Kamban

Palo Alto Networks warned customers today to patch security vulnerabilities (with public exploit code) that can be chained to let attackers hijack PAN-OS firewalls. The flaws were found in Palo Alto Networks’ Expedition solution, which helps migrate configurations from other Checkpoint, Cisco, or supported vendors. They can be exploited to access sensitive data, such as…

Mozilla has issued an emergency security update for the Firefox browser to address a critical use-after-free vulnerability that is currently exploited in attacks. The vulnerability, tracked as CVE-2024-9680, and discovered by ESET researcher Damien Schaeffer, is a use-after-free in Animation timelines. This type of flaw occurs when memory that has been freed is still used…

Microsoft has fixed a known issue that was causing Word to delete some Windows users’ documents instead of saving them. On affected systems, locally saved files were deleted after saving because of this Word bug issue if their filenames included the # symbol or had a capitalized filename extension, such as .DOCX or .RTF. This…

In today’s cybersecurity landscape, evolving threats require security solutions that match the sophistication of modern threats. As businesses rapidly adopt emerging technologies, their exposure to cyberattacks increases. To mitigate these risks, cybersecurity teams need adaptable and comprehensive tools to protect their digital ecosystems effectively. Security Information and Event Management (SIEM) and Extended Detection and Response…

A group of pro-Ukrainian hacktivists has claimed responsibility for the September breach of Russian security company Doctor Web (Dr.Web). Dr.Web confirmed last month that its network was breached on September 14, which forced it to disconnect all internal servers and stop pushing virus database updates to customers while investigating the incident. In a Tuesday Telegram…

An international law enforcement operation led to the arrest of one of the three administrators of the dual dark web market ‘Bohemia/Cannabia,’ known for hosting ads for drug sales and distributed denial of service (DDoS) attacks. The man was arrested at the Schiphol airport in Amsterdam on June 27, 2024, and electronic devices containing incriminating…

Discord has been suddenly blocked in Russia and Turkey since yesterday due to illegal activity residing on the platform, leaving legitimate users in those countries unable to visit the website or connect to the service. While Discord started as a communication and community-building space for gamers, it has since expanded to include a broad spectrum…

What Is Big Game Hunting in Cybercrime? Cyberattacks called big game hunting (BGH) involve threat actors targeting big businesses – the “big game” – and demanding huge amounts of money in the form of a ransom. The term derives from “hunting large, dangerous animals,” an allusion to the high risk/high reward of such attacks. They…

An automated scanner has been released to help security professionals scan environments for devices vulnerable to the Common Unix Printing System (CUPS) RCE flaw tracked as CVE-2024-47176. The flaw, which enables attackers to perform arbitrary remote code execution if certain conditions are met, was disclosed late last month by the person who discovered it, Simone…

Microsoft reminded customers today that multiple editions of Windows 11 22H2 and 21H2 have reached their end of servicing. This announcement applies to Windows 11 22H2 Home, Pro, Pro Education, Pro for Workstations, and SE editions released on September 20, 2022. One year after the Home and Pro editions, Windows 11 21H2 Enterprise, Education, and IoT…