April 2024 – Page 2 – TheCyberThrone

CISA KEV Update April 2024 – Part II

The US. CISA has issued a high-priority alert for federal agencies to patch two critical vulnerabilities found in Cisco products and one in the widely used file transfer tool, CrushFTP.…

PravinKarthik April 25, 2024

ArcaneDoor Exploits Cisco ASA and FTD

Cisco has warned about a national-state actor who has been actively targeting two previously unknown security vulnerabilities in Cisco products since November to breach government networks. The campaign, dubbed ArcaneDoor…

PravinKarthik April 25, 2024

Google Fixes Critical Vulnerability in Chrome -CVE-2024-4058

Google has addressed four vulnerabilities in its Chrome browser. The most critical vulnerability, designated CVE-2024-4058. This flaw resides within ANGLE, a component of Chrome that translates graphics commands. If successfully…

PravinKarthik April 24, 2024

Red Ransomware Victimized Targus

The Red Ransomware gang has claimed responsibility on the cyberattack on retail giant Targus International. Targus is most known for its line of laptop and tablet cases, backpacks, universal docking…

PravinKarthik April 23, 2024

Oracle Virtual Box Vulnerability PoC Released – CVE-2024-21111

Security researcher has published a PoC exploit for a vulnerability in Oracle VirtualBox. This vulnerability plagues VirtualBox versions before 7.0.16 and allows attackers with basic access to a Windows system…

PravinKarthik April 22, 2024

CrushFTP Zeroday Vulnerability Exploited in Wild attack

CrushFTP is an FTP software that enables secure and efficient file transfer capabilities. It supports various features such as FTP, SFTP, FTPS, HTTP, HTTPS, WebDAV, and WebDAV SSL protocols, allowing…

PravinKarthik April 21, 2024

MITRE Breached Exploiting Ivanti Zeroday

MITRE has disclosed a security breach in one of its research and prototyping networks. A nation-state actor breached its systems in January 2024 by chaining two Ivanti Connect Secure zero-day…

PravinKarthik April 20, 2024