The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security flaw in Google Chrome to seize control of infected devices. Cybersecurity vendor Kaspersky said it discovered a novel… Article Source https://thehackernews.com/2024/10/lazarus-group-exploits-google-chrome.html
Multiple privilege escalation issues in Microsoft Azure’s cloud-based Health Bot service opened the platform to server-side request forgery (SSRF) and could have allowed access to cross-tenant resources. The vulnerabilities, identified by Tenable… Article Source https://www.darkreading.com/application-security/microsoft-azure-ai-health-bot-infected-with-critical-vulnerabilities
A cybersecurity research team has identified a new ransomware called Eldorado that is targeting organizations globally. This ransomware is operated as Ransomware-as-a-Service (RaaS), allowing for decentralized deployment and a wider range of malware variants. The Eldorado ransomware encrypts files using the ChaCha20 algorithm and employs the RSA-OAEP scheme for key encryption. RaaS enables customers to … Read more