Pwn2Own Vancouver 2023 – Day 3 Summary
The third day of Pwn2Own Vancouver 2023 has seen awards $195,000, bringing the total awarded to $1035,000 Kyle Zeng from ASU SEFCOM used a double free bug to exploit Ubuntu…
Nexus Android Banking Trojan
Researchers spotted a new Android Trojan dubbed Nexus that is capable of hijacking online accounts and stealing from them, to be targeting customers from 450 banks and cryptocurrency services worldwide.…
CISA Releases Untitled Goose Tool
The U.S. CISA released free post-incident hunting tools for organizations using Microsoft Azure, Azure Active Directory, and Microsoft 365 applications. The tool was built by CISA and Sandia National Laboratories,…
Critical Vulnerability in Woocommerce Payment Plugin
Researchers discovered a critical vulnerability in Woocommerce that could allow attackers to take over websites. The payment plugin itself has 500,000 active installations Researchers pointed out that the vulnerability was…
Cl0P Ransomware havoc with GoAnywhere MFT Exploit
City of Toronto suffers a data breach caused by Clop ransomware, the gang responsible for exploiting the vulnerability in GoAnywhere. The Clop ransomware gang listed the city of Toronto on…
CISA Pre Ransomware Notification Initiative
The US CISA has announced a new Pre-Ransomware notification initiative that aims at alerting organizations of early-stage ransomware attacks. The motto behind the initiative is that ransomware actors initially gain…