Category: Kamban

Progress Software warned customers to patch multiple critical and high-severity vulnerabilities in its WhatsUp Gold network monitoring tool as soon as possible. However, even though it released WhatsUp Gold 24.0.1, which addressed the issues last Friday and published an advisory on Tuesday, the company has yet to provide any details regarding these flaws. “The WhatsUp Gold…

Microsoft has released the September 2024 preview cumulative update for Windows 11 23H2 and 22H2, with 13 improvements and fixes for multiple issues, including Edge and task manager freezes. KB5043145 is a monthly optional update designed to help Windows admins test bug fixes, new features, and improvements that will be rolled out to all customers…

Under certain conditions, attackers can chain a set of vulnerabilities in multiple components of the CUPS open-source printing system to execute arbitrary code remotely on vulnerable machines. Tracked as CVE-2024-47076 (libcupsfilters), CVE-2024-47175 (libppd), CVE-2024-47176 (cups-browsed) and CVE-2024-47177 (cups-filters) and discovered by Simone Margaritelli, these security flaws don’t affect systems in their default configuration. CUPS (short…

A new variant of the RomCom malware called SnipBot, has been used in attacks that pivot on the network to steal data from compromised systems. Palo Alto Network’s Unit 42 researchers discovered the new version of the malware after analyzing a DLL module used in SnipBot attacks. The latest SnipBot campaigns appear to target a…

A group of security researchers discovered critical flaws in Kia’s dealer portal that could let hackers locate and steal millions of Kia cars made after 2013 using just the targeted vehicle’s license plate. Almost two years ago, in 2022, some of the hackers in this group, including security researcher and bug bounty hunter Sam Curry, found…

The Tor Project and Tails OS are merging operations to better collaborate for a free internet by protecting users from surveillance and censorship. The idea of the merger came late last year from Tails, due to the organization outgrowing the existing structure and to protect its workers from the added stress of expanding the framework.…

The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned Cryptex and PM2BTC, two cryptocurrency exchanges that laundered funds from Russian ransomware gangs and other cybercrime groups. Cryptex (which used the cryptex[.]net domain) reportedly provides financial services to cybercriminals and laundered over $51 million in funds linked to ransomware attacks. “Cryptex is also…

WordPress.org has banned WP Engine from accessing its resources and stopped delivering plugin updates to websites hosted on the platform, urging impacted users to choose other hosting providers. The open-source project claims that the move comes in response to WP Engine’s alteration of a WordPress core feature for its own profit and its blocking of…

A crypto draining app mimicking the legitimate ‘WalletConnect’ project has been distributed over Google Play for five months getting more than 10,000 downloads. The malicious app used the name WallConnect and posed as a lightweight Web3 tool with various blockchain functionalities, offering to act as a proxy between cryptocurrency wallets and decentralized applications (dApps). The real…