Zero-Day Exploits and Critical Patches Dominate as Black Basta, VMware, and Zscaler Face Scrutiny
Summary
The cybersecurity landscape for March 12, 2026, is marked by high-stakes vulnerabilities and active threats. Key events include the Black Basta ransomware gang exploiting a Windows zero-day (CVE-2024-26169), and critical patches released for VMware vCenter/ESXi and Zscaler's Windows Client Connector to prevent remote code execution and privilege escalation. CISA has added actively exploited SharePoint flaws to its KEV catalog, while new malware strains like 'Migo' and 'Cuttlefish' target Linux systems and enterprise routers. The day also saw the takedown of the 'LabHost' phishing service and a massive Patch Tuesday from Microsoft.
Today's New Articles
Zscaler Rushes Patch for Critical Privilege Escalation Flaw in Windows Client Connector
Zscaler has released a security update for a high-severity privilege escalation vulnerability, CVE-2024-5407, in its Client Connector for Windows. The flaw, with a CVSS score of 7.8, could allow a local attacker with standard user privileges to gain SYSTEM-lev...
Black Basta Ransomware Gang Caught Exploiting Windows Zero-Day for SYSTEM-Level Access
The notorious Black Basta ransomware gang has been observed exploiting a now-patched zero-day vulnerability in the Microsoft Windows Error Reporting Service, tracked as CVE-2024-26169. This critical privilege escalation flaw allowed attackers to gain SYSTEM pr...
VMware Patches Critical RCE Flaws in vCenter and ESXi; Admins Urged to Update Immediately
VMware has released urgent security updates to address three critical vulnerabilities in its vCenter Server and ESXi products. The flaws include two heap-overflow vulnerabilities (CVE-2024-22252, CVE-2024-22253) with CVSS scores of 9.3, and a privilege escalat...
CISA Adds Actively Exploited SharePoint RCE Chain to KEV Catalog, Mandates Federal Patching
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two Microsoft SharePoint vulnerabilities, CVE-2023-29357 and CVE-2023-24955, to its Known Exploited Vulnerabilities (KEV) catalog. This action confirms the flaws are being actively used...
New 'Migo' Golang Malware Blinds Linux Security Tools on Redis Servers
A new Golang-based malware named 'Migo' is targeting exposed Redis servers on Linux systems. The malware's primary objective is to disable endpoint security solutions, cloud agents, and other monitoring tools, effectively blinding security teams. After neutral...
Leaked LockBit 3.0 Builder Continues to Fuel Ransomware Ecosystem, Complicating Attribution
The LockBit 3.0 ransomware builder, which was leaked in September 2022, is still being widely used by a multitude of threat actors to launch their own custom ransomware attacks. This has led to a significant proliferation of smaller, disparate ransomware opera...
Microsoft Unleashes Massive April 2024 Patch Tuesday, Fixing 149 Flaws Including Critical RCEs
Microsoft has released its April 2024 Patch Tuesday update, a substantial release addressing 149 vulnerabilities across its product portfolio. Of these, three are rated as critical: a remote code execution (RCE) flaw in Microsoft SQL Server (CVE-2024-21422), a...
Stealthy 'Cuttlefish' Malware Hides on Routers to Steal Credentials from Network Traffic
A sophisticated and stealthy malware named 'Cuttlefish' has been found infecting enterprise-grade routers. The malware is designed to remain hidden while it actively monitors network traffic passing through the device. Its primary goal is to exfiltrate sensiti...
Panda Restaurant Group Discloses Data Breach Impacting Corporate Employee Information
Panda Restaurant Group, the parent company of the Panda Express fast-food chain, has disclosed a data breach that exposed the personal information of some of its current and former corporate employees. The breach occurred in March 2024 when unauthorized actors...
'FakeBat' Malware Loader Uses Malvertising to Distribute RedLine Stealer and Other Payloads
A new and evolving malware loader, dubbed 'FakeBat', is being distributed through widespread malvertising campaigns. These campaigns use malicious ads that impersonate legitimate download pages for popular business software like Slack, Zoom, and Notion. When a...
US Offers $10 Million Bounty for Information on BlackCat (ALPHV) Ransomware Gang Leaders
The U.S. Department of State's Rewards for Justice program is offering a reward of up to $10 million for information that leads to the identification or location of key leaders of the BlackCat (also known as ALPHV) ransomware gang. This significant bounty is p...