Cool Audit

Beware of Weaponized Notezilla, RecentX, & Copywhiz Windows Tools that Deliver Stealing Malware

Beware of Windows Tools that Deliver Stealing Malware

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Cybersecurity firm Rapid7 has identified that popular Windows tools Notezilla, RecentX, and Copywhiz have been weaponized to deliver malware. These tools, developed by Conceptworld, an India-based company, are widely used for productivity enhancements. However, the installation packages available on the official Conceptworld website have […]

Kiosk Mode Bypass Flaw On Hotel Check-in Terminal Leaks Guests Personal Data

Kiosk Mode Bypass Flaw

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] A new vulnerability has been discovered in Ariane Allegro  Scenario Player in a Kiosk mode that could allow threat actors to bypass the Kiosk mode and access the underlying Windows Desktop. The CVE for this vulnerability is yet to be assigned by the severity […]

Hackers Employ JavaScript Framework To Trick Users Copy, Paste And Command Execution

Hackers Employ JavaScript Framework to Trick Users

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Hackers use JavaScript frameworks since they offer a wide range of functionalities and tools that could be used to bypass detection, hide code, and carry out harmful acts. In addition, they take advantage of the people’s trust in such popular frameworks by developers as […]

VLC Media Player Vulnerabilities Allow Remote Code Execution

Hackers May Crash Player

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] VideoLAN, the organization behind the popular VLC Media Player, has disclosed multiple critical vulnerabilities that could allow attackers to execute arbitrary code remotely. These vulnerabilities affect both the desktop and iOS versions of the software. The security advisories, identified as SB-VLC3021 and SB-VLC-iOS359, outline several flaws malicious […]

Fortinet to Acquire AI-Powered Cloud Security Platform Lacework

Fortinet to Acquire Lacework

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Fortinet, a global leader in broad, integrated, and automated cybersecurity solutions, has announced its acquisition of Lacework, an AI-powered cloud-native application protection platform (CNAPP). This strategic move aims to enhance Fortinet’s already comprehensive cybersecurity platform by integrating Lacework’s advanced cloud security capabilities. The acquisition […]

Safari, Microsoft Edge, & DuckDuckGo Spoofing Flaws Impacting Millions of Users

Safari, Microsoft Edge, & DuckDuckGo Spoofing Flaws Impacting Millions of Users

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] RedSecLabs security researchers Rafay Baloch and Muhammad Samaak have uncovered address bar spoofing vulnerabilities in widely used mobile browsers such as Safari, Microsoft Edge, and DuckDuckGo. These vulnerabilities have a significant impact, affecting millions of users worldwide. The Severity of Address Bar Spoofing Google has highlighted […]

Chrome Introduced Shared Memory Versioning to Enhance Browser Performance

Chrome Introduced Shared Memory Versioning to Enhance Browser Performance

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Google Chrome recently implemented Shared Memory Versioning, improving its speed through more effective cookie handling. This upgrade improves Chrome and other Chromium-powered browsers like Microsoft Edge and Vivaldi. Resource contention arises as more people rely on the Internet to do their daily tasks, placing increased demands […]

Threat Actor Claiming of Israel’s Government API Database

Threat Actor Claimimg of Israel's Government API Database

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] A threat actor has claimed responsibility for breaching Israel’s government API database. The announcement was made via a post on social media X by the darkwebinformer. Details of the Breach According to the post, the threat actor claims to have accessed a vast array […]

Total Fitness Exposes 500k Images of Members & Staff

UK's Total Fitness Exposes 500k images of members and staff

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Cybersecurity researcher Jeremiah Fowler discovered a non-password-protected database containing 474,651 images belonging to Total Fitness, a health club chain with 15 locations across North England and Wales. The database, which was 47.7 GB in size, included personal screenshots, profile pictures of members and their children, and […]

Microsoft Unveils Ways To Detect Compromised Devices In Your Organization

Spotting Potentially Hacked Machines

[responsivevoice_button rate=”1″ pitch=”1.2″ volume=”0.8″ voice=”US English Female” buttontext=”Click Here to Listen”] Microsoft has announced a new way to spot potentially hacked machines in your organization. Analysts may now easily identify, examine, and search for suspicious interactive processes running on “hidden desktops” using Defender for Endpoint’s “DesktopName” field. These days, remote desktop protocol (RDP) compromise usage has reached […]