anydesk
-
A newly discovered vulnerability in AnyDesk, the popular remote desktop software, has sparked serious cybersecurity concerns. Identified as CVE-2024-12754 and tracked under ZDI-24-1711, this flaw allows local attackers to exploit a mechanism to handle Windows background images, potentially escalating their privileges to administrative levels. Researchers warn that this vulnerability poses a significant risk to sensitive…
-
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned recently of a sophisticated scam targeting computer users through fake AnyDesk requests. This new threat exploits social engineering tactics to gain unauthorized access to victims’ devices, potentially leading to data theft and other malicious activities. The scam involves attackers impersonating CERT-UA, sending connection requests via…
-
CERT-UA warned of scammers impersonating the agency, using fake AnyDesk requests to conduct fraudulent security audits. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyber scams involving threat actors impersonating the agency by sending fraudulent AnyDesk connection requests under the guise of security audits. CERT-UA pointed out that it uses the software AnyDesk…
-
Adversaries frequently leverage legitimate tools in their malicious campaigns. The popular AnyDesk remote utility has also been largely exploited by hackers for offensive purposes. Cyber defenders have unveiled the recent misuse of AnyDesk software to connect to targeted computers, masquerading the malicious efforts as CERT-UA activity. Detect Cyber-Attacks Exploiting AnyDesk Based on CERT-UA Research Adversaries…
-
Topic: AnyDesk 9.0.1 – Unquoted Service Path Risk: Medium Text:# Exploit Title: AnyDesk 9.0.1 – Unquoted Service Path # Date: 2024-12-11 # Exploit Author: Parastou Razi # Contact: razi.pa…
-
A critical vulnerability in AnyDesk, a popular remote desktop application, has been discovered that could allow attackers to expose users’ IP addresses.
-
A newly discovered vulnerability in popular remote desktop software AnyDesk could allow attackers to uncover users’ IP addresses, posing significant privacy risks. Security researcher Ebrahim Shafiei identified the flaw (CVE-2024-52940) in AnyDesk’s “Allow Direct Connections” feature on Windows systems.
-
Sophos X-Ops Incident Response team has recently uncovered the tactics of a relatively new ransomware group known as Mad Liberator, which has been active since mid-July 2024. The group has garnered attention for its use of the popular remote-access application Anydesk to execute highly targeted and covert attacks on unsuspecting victims.
-
Hackers target and weaponize AnyDesk, Zoom, Teams, and Chrome as these applications are widely used in a multitude of sectors.
-
0-Day Exploits for Outlook and Windows, AnyDesk Access Sale, LeadSquared and WeRize Database Leaks
·
Explore the latest cyber threats with SOCRadar Dark Web Team’s findings. Concerning posts on hacker forums reveal the sale of two new alleged 0-day exploits, targeting Microsoft Outlook and Windows. Furthermore, our team identified major leaks of customer databases, comprising 1.3 terabytes of highly sensitive data.
-
AnyDesk 7.0.15 Unquoted Service Path – CXSecurity.com
-
Cybereason issues Threat Alerts to inform customers of emerging impacting threats, including critical vulnerabilities. Cybereason Threat Alerts summarize these threats and provide practical recommendations for protecting against them.
-
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
-
Hackers are leveraging the AnyDesk remote desktop application in a phishing campaign targeting employees, Malwarebytes warns.
-
UPDATE 02FEB2024 @ 1713 EST On February 2, the online information security community came alive with a buzz and rumor: the AnyDesk remote control software provider may have been compromised. That morning, this was all speculation – but corroborated with an unexpected 48-hour maintenance period and a sudden change to their code signing certificate in…
-
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos:
-
Published in · 4 min read · 18 hours ago In the world of cybersecurity, contributions come in various forms. One such contribution is the creation of rules that enhance the security of applications. This blog post discusses a pull request made to SigmaHQ that added a new rule to detect the execution of the…
-
Popular remote monitoring and management software company AnyDesk said all versions of its tool obtained from “official sources” are safe to use following a cyberattack that caused days of outages and concern among users. The cyberattack affected servers in Spain and Portugal but nowhere else, AnyDesk said.
-
Microsoft Azure HDInsight has been identified to have its third-party Apache Hadoop, Kafka, and Spark services affected by three security flaws, which stem from Apache Ambari and Oozie software and have already been remediated by Microsoft in updates issued in October, The Hacker News reports.