Category: Cyware News – Latest Cyber News

Zimbra RCE Vuln Under Attack Needs Immediate Patching

Attackers are actively targeting a severe remote code execution vulnerability that Zimbra recently disclosed in its SMTP server, heightening the urgency for affected organizations to patch vulnerable instances right away. This article has been indexed from Cyware News – Latest…

Iran-linked Threat Group Handala Actively Targets Israel

Handala’s most serious claims are unverified, but the Iranian threat group’s actions have led to numerous account suspensions and website shutdowns due to its persistent activities. This article has been indexed from Cyware News – Latest Cyber News Read the…

Logpoint Strengthens SIEM by Acquiring Muninn AI-Powered NDR

Logpoint, a SIEM company based in Copenhagen, acquired Muninn, an AI-powered NDR startup, to enhance threat detection capabilities. Muninn’s AI technology is designed to detect complex attacks in environments where traditional methods fall short. This article has been indexed from…

Phishing Attacks on Australia Disguised as Atlassian

Mimecast highlighted a noticeable increase in the use of Atlassian to evade detection. The attackers utilized postmark URLs to gather data intelligence, including location and browser details. This article has been indexed from Cyware News – Latest Cyber News Read…

PoC Exploit Shows Local Privilege Escalation Risk in Linux

Researchers disclosed a critical privilege escalation vulnerability, CVE-2024-26808, in the Linux kernel affecting versions from v5.9 to v6.6. The flaw is in the Netfilter component, allowing root access by manipulating memory allocation. This article has been indexed from Cyware News…

DCRat Targets Users with HTML Smuggling

A new HTML smuggling campaign is targeting Russian-speaking users, distributing DCRat malware. This marks the first time the malware has been deployed using this method, unlike common delivery methods like compromised sites or phishing emails. This article has been indexed…

Critical RCE Vulnerability Found in OpenPLC

The most severe issue is a stack-based buffer overflow vulnerability (CVE-2024-34026) that allows an attacker to execute remote code. Users are advised to update to the latest version of OpenPLC to protect against these security risks. This article has been…

HPE Patches Three Critical Security Holes in Aruba PAPI

HPE has released patches for three critical security vulnerabilities in Aruba’s networking access points, which could allow attackers to run code on the systems by sending specially crafted packets to UDP port 8211. This article has been indexed from Cyware…

Critical WhatsUp Gold Vulnerabilities Demand Immediate Action

The six vulnerabilities, with high severity scores, could lead to unauthorized access and control over network infrastructure. Progress Software advises all WhatsUp Gold users to upgrade to version 24.0.1 to mitigate these vulnerabilities. This article has been indexed from Cyware…

Critical Vulnerabilities Found in NVIDIA Container Toolkit

Nvidia Container Toolkit has critical vulnerabilities (CVE-2024-0132 and CVE-2024-0133) up to v1.16.1, allowing attackers to access the host file system, execute code, escalate privileges, and disrupt services. This article has been indexed from Cyware News – Latest Cyber News Read…

Picus Security Raises $45M in Funding

Picus Security, a San Francisco, CA-based security validation company, raised $45M in funding. The round, which brought total funds raised to $80M, was led by Riverwood Capital, with participation from existing investor Earlybird Digital East Fund. This article has been…

Keycloak Vulnerability Puts SAML Authentication at Risk

The vulnerability lies in Keycloak’s XMLSignatureUtil class, which incorrectly verifies SAML signatures, disregarding the vital “Reference” element that specifies the signed portion of the document. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Lumma Stealer Malware Campaign Exploits Fake CAPTCHA Pages

The Lumma Stealer malware is being distributed through deceptive human verification pages that trick Windows users into running malicious PowerShell commands, leading to sensitive information theft. This article has been indexed from Cyware News – Latest Cyber News Read the…

Germany Seizes 47 Crypto Exchanges Used by Ransomware Gangs

These exchanges allowed users to trade cryptocurrencies anonymously, creating a safe environment for cybercriminals to launder their proceeds without fear of prosecution. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Germany Seizes…

CISA Urges Software Developers to Weed Out XSS Vulnerabilities

The CISA and the FBI recommended software developers to implement rigorous validation, sanitization, and input escaping to prevent malicious script injections and data manipulation. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Red Hat OpenShift Receives Patches for Two Critical Flaws

Red Hat OpenShift, a popular hybrid cloud platform with robust security features, is facing two critical vulnerabilities: CVE-2024-45496 (CVSS 9.9) and CVE-2024-7387 (CVSS 9.1). This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

US Indicts Chinese National for Phishing for NASA Tech

Prosecutors allege that Chinese national Wu Song targeted US academics and engineers to obtain applications used in aerospace engineering and fluid dynamics, which could be used for developing missiles and weapons. This article has been indexed from Cyware News –…

Data Theft Risk in Salesforce by Manipulating Public Links

The vulnerability was related to the undocumented Salesforce Aura API and SOQL subqueries, allowing a blind SOQL injection attack to retrieve customer information, including personally identifiable information (PII). This article has been indexed from Cyware News – Latest Cyber News…

US Hits Intellexa Spyware Maker With More Sanctions

The US has imposed further sanctions on Intellexa, the maker of the Predator spyware, targeting individuals and entities associated with the company due to its opaque corporate structure designed to evade accountability. This article has been indexed from Cyware News…

Rising Clipper Malware Attacks Target Cryptocurrency Users

The malicious software called ClipBankers can monitor clipboard activity and replace cryptocurrency addresses with those controlled by attackers, diverting digital asset transfers to rogue wallets. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Metabase Q Raises $11M in Series A Extension Funding

Metabase Q, an IT cybersecurity management company based in San Francisco, has raised $11M in its Series A extension funding. Backers include SYN Ventures and John Watters. This article has been indexed from Cyware News – Latest Cyber News Read…

Applications are Open for IoT Device Cyber Certifiers

The FCC is seeking volunteers to serve as administrators for a new cybersecurity labeling program, allowing consumers to identify products less vulnerable to cyberattacks. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Python Libraries Exploited for Malicious Intent

A recent report by Xavier Mertens, a Senior ISC Handler and cybersecurity consultant, highlights a concerning trend where cybercriminals are increasingly using legitimate Python libraries for malicious activities. This article has been indexed from Cyware News – Latest Cyber News…

GitLab Warns of Critical Pipeline Execution Vulnerability

GitLab released updates covering versions 17.1.7, 17.2.5, and 17.3.2 for GitLab Community Edition (CE) and Enterprise Edition (EE), addressing a total of 18 security issues. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Fileless Remcos RAT Campaign Leverages CVE-2017-0199 Flaw

In a newly uncovered advanced malware campaign, threat actors are using a complex, fileless approach to deliver the Remcos Remote Access Trojan (RAT), leveraging a benign-looking Excel document as the attack vector. This article has been indexed from Cyware News…