ElizaRAT Uses Google, Telegram, & Slack for C2 Communications
APT36, a Pakistani cyber-espionage group, now uses ElizaRAT, a Windows RAT with advanced evasion and C2 features, to target Indian government, diplomats, and military. APT36 uses Windows, Linux, and Android [...]
Hackers Exploit Windows Event Logs for Manipulation and Data Theft
Hackers exploit wevtutil.exe for LOLBAS attacks, enabling command execution, payload downloads, and persistence while bypassing security. wevtutil.exe is a Windows tool for managing event logs, but attackers can misuse it [...]
Apple Safari JavaScriptCore RCE Vulnerability Actively Exploited
CVE-2024-44308, a critical Safari vulnerability, has been actively exploited, impacting iOS, visionOS, and macOS. Affected Software and Versions: The CVE-2024-44308 vulnerability impacts several Apple platforms, as summarized below: Software, Affected Version, Patched [...]
Amazon GuardDuty Gains AI/ML Threat Detection for Cloud Security
Amazon has improved cloud security with AI/ML threat detection in GuardDuty. This new feature enhances threat detection by using AWS's cloud visibility and scale to better protect applications, workloads, and [...]
HPE IceWall Flaw Enabled Unauthorized Data Changes
HPE has released a security alert about a critical flaw in its IceWall product, CVE-2024-11856, which lets attackers remotely modify data without permission. HPE IceWall Flaw: CVE-2024-11856 stems from a [...]