New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems
A previously undocumented command-and-control (C2) framework dubbed Alchimist is likely being used in the wild to target Windows, macOS, and Linux devices. The Alchimist C2 can generate [...]
Aruba Released Patches for EdgeConnect’s Critical Vulnerabilities
Aruba addressed multiple critical severity vulnerabilities in the EdgeConnect Enterprise Orchestrator that can be exploited by remote attackers to compromise the vulnerable host. According to the company, a network-based attacker [...]
Critical RCE Vulnerability with Max CVSS Score in VM2 Sandbox Library
A critical vulnerability in vm2 might let a remote attacker bypass the sandbox environment and execute shell commands on the device hosting the sandbox. About the Vulnerability: The most widely used JavaScript sandbox library is vm2, which receives [...]
Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs
Microsoft released fixes for a Windows zero-day and a publicly disclosed vulnerability on October Patch Tuesday, but security updates for two Exchange Server zero-days discovered last month are still in [...]
Researchers Detail Malicious Tools Used by Cyberespionage Group Earth Aughisky
New research has detailed the increasingly sophisticated nature of the malware toolset employed by an advanced persistent threat (APT) group named Earth Aughisky. Earth Aughisky [...]