New ‘Loop DoS’ Attack Could Impact Up to 300,000 Online Systems
Malware Developments
PhantomBlu Campaign Employes New Methods to Distribute NetSupport RAT?
Security researchers have recently identified a sophisticated malware campaign called "PhantomBlu", aimed at organizations in the United States. This campaign uses advanced evasion techniques to deploy the NetSupport Remote Access Trojan (RAT).?
Vulnerabilities and Exploitation Attempts
Mozilla Patches Critical Firefox Zero-Day Bugs Exploited at Hacking Competition?
Mozilla addressed two critical vulnerabilities in Firefox that attackers exploited during the Pwn2Own 2024 hacking contest. These zero-day bugs allowed attackers to potentially execute malicious code on vulnerable devices.
Critical Flaw in Ivanti Standalone Sentry Leads to RCE?
A new critical remote code execution vulnerability has been discovered in the Ivanti Standalone Sentry, designated as CVE-2023-41724 (with a CVSS score of 9.6). Ivanti Standalone Sentry (formerly known as MobileIron Sentry) is the standalone version of Ivanti’s software component that manages and secures traffic between devices and back-end enterprise systems.?
Atlassian Releases Fixes for Over 20 Flaws, Including Critical Bamboo Bug?
Atlassian recently released patches to address over 20 security vulnerabilities, among which is a critical flaw impacting Bamboo Data Center and Server. This vulnerability, identified as CVE-2024-1597 and with a maximum CVSS score of 10.0, poses a significant risk as it can be exploited without any user interaction.?
领英推荐
Identified Trends
Protecting Against Attacks on NTLM Authentication?
Recently, there have been multiple incidents related to the exploitation of the Windows New Technology LAN Manager (NTLM) protocol. Microsoft, during its latest "Patch Tuesday" security update, addressed a critical vulnerability in the Microsoft Exchange server, designated as CVE-2024-21410.?
New ‘Loop DoS’ Attack Could Impact Up to 300,000 Online Systems?
Researchers recently discovered a denial-of-service attack named 'Loop DoS,' which exploits UDP to cause persistent communication loops, thus generating heavy traffic. The attack is made possible by a UDP protocol vulnerability, CVE-2024-2169, which allows for IP spoofing.
Gain deeper CTI insights!
CyberProof’s CTI service offers comprehensive threat intelligence coverage, ensuring that your organization stays ahead of active threats that pose the greatest risk to your assets.
Our advanced CTI team investigates the threat landscape, providing you with detailed reports, related Indicators of Compromise (IOCs), technical recommendations, and MITRE ATT&CK mapping.