Arab Security Consultants

  • Home
  • Courses
    • EC-Council Programs
    • EC-Council iWeek Courses
    • PECB
      • ISO/IEC 27001 Lead Implementer
      • ISO/IEC 27001 Lead Auditor
    • Cyber Book
  • Organized Events
    • Arab Security Conference
    • Arab Security Cyber WarGames
  • Services
    • CodeRed
    • OhPhish
    • Risk Assessment
    • Social Engineering
    • Identity & Access Security
    • Vulnerability Assessment
    • Penetration Testing
  • Training centers
  • EC-Council with ASC
  • News
  • Contact Us
  • Home
  • News
  • Archive from category "News"
  • (
  • Page 2
  • )
 

Category: News

Users are vulnerable to command injection attacks due to a critical flaw in Cisco IP Phone Series

Thursday, 02 March 2023 by ASC

On March 1, 2023, Cisco released security updates for its IP Phone series 6800, 7800, 7900, and 8800 to address a critical command injection vulnerability (CVE-2023-20078) rated 9.8 on the CVSS scoring system. The flaw is caused by a web-based management interface, which lacks proper user-supplied input validation, allowing an unauthenticated, remote attacker to inject

  • Published in News
Tagged under: cyberSecurity, CyberThreats

Trojanized macOS apps are used by hackers to distribute cryptocurrency mining malware

Sunday, 26 February 2023 by ASC

Jamf Threat Labs has discovered that Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. The malware, called XMRig coin miner, is executed by an unauthorized modification in Final Cut Pro, an Apple video editing software. The malware makes use of the Invisible Internet Project (i2p) to

  • Published in News
Tagged under: cyberSecurity

Apple warns of three new vulnerabilities affecting iPhones, iPads, and Macs

Thursday, 23 February 2023 by ASC

Apple has released revised security advisories to address three new vulnerabilities that could impact iOS, iPadOS, and macOS. One of the vulnerabilities is a race condition in the Crash Reporter component that could allow a malicious actor to read arbitrary files as root, while the other two vulnerabilities in the Foundation framework could be weaponized

  • Published in News

Norway confiscates $5.84 million worth of cryptocurrency stolen by Lazarus hackers

Tuesday, 21 February 2023 by ASC

The Norwegian police agency Økokrim has announced the seizure of $5.84 million worth of cryptocurrency, which was stolen by the Lazarus Group in March 2022 after the Axie Infinity Ronin Bridge hack. The Oslo-based crime-fighting unit stated that this case highlights its capacity to trace the money trail on the blockchain, even when criminals use

  • Published in News
Tagged under: cyberSecurity

Open Source Antivirus Software ClamAV Detected with Critical RCE Vulnerability

Sunday, 19 February 2023 by ASC

Cisco has recently released security updates to address a severe vulnerability in the ClamAV open-source antivirus engine, which could result in remote code execution on susceptible devices. The vulnerability is tracked as CVE-2023-20032, with a CVSS score of 9.8, and it pertains to remote code execution in the HFS+ file parser component. Versions 1.0.0 and

  • Published in News
Tagged under: cyberSecurity

New M2RAT malware from North Korea’s APT37 targets South Korea

Thursday, 16 February 2023 by ASC

The notorious APT37, a North Korea-linked threat actor, has recently been spotted utilizing a new piece of malware called M2RAT in its ongoing attacks against its southern neighbor. These developments signify a further evolution of the group’s tools and tactics. APT37, also known as Reaper, RedEyes, Ricochet Chollima, and ScarCruft, is associated with North Korea’s

  • Published in News
Tagged under: CyberAttacks

Thousands of WordPress sites have been infected by a massive AdSense fraud campaign

Wednesday, 15 February 2023 by ASC

The malicious black hat redirect malware campaign has now grown larger and more insidious, infecting over 10,800 websites with over 70 bogus domains, mimicking URL shorteners. The main objective of this malware is to artificially increase traffic to pages that contain Google Ads, generating revenue from AdSense ID, which is used for ad fraud. The

  • Published in News
Tagged under: CyberAttacks

Massive HTTP DDoS Attack Hits Record High of 71 Million Requests Per Second

Tuesday, 14 February 2023 by ASC

Cloudflare, the web infrastructure company, stopped an unprecedented DDoS attack on Monday with a record-breaking peak of over 71 million requests per second. This historic “hyper-volumetric” attack was the largest HTTP DDoS attack on record, surpassing the previous 46 million RPS attack that was mitigated by Google Cloud in June 2022. These massive attacks targeted

  • Published in News
Tagged under: CyberAttacks, cyberSecurity

A zero-day vulnerability has been discovered in Apple’s iOS, iPadOS, macOS, and Safari

Tuesday, 14 February 2023 by ASC

Apple has taken swift action to safeguard its users by releasing security updates for its various operating systems, including iOS, iPadOS, macOS, and Safari, to fix a critical zero-day vulnerability. The flaw, tracked as CVE-2023-23529, is a type of confusion bug in the WebKit browser engine that could allow malicious actors to execute arbitrary code

  • Published in News
Tagged under: cyberSecurity, CyberThreats

CISA Warns of Active Attacks Exploiting TerraMaster NAS, Fortra MFT, and Intel Driver Flaws

Sunday, 12 February 2023 by ASC

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to the public, adding three newly discovered security vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This move is a result of evidence suggesting that these flaws are being actively abused in the wild. Among the three is CVE-2022-24990, a serious bug found

  • Published in News
  • 1
  • 2
  • 3
  • 4
  • 5
  • Home
  • Contact Us
  • Services
  • Training Centers
  • GET SOCIAL

Arab Security Consultants | Copyright © 2023 All rights reserved.

TOP