Category: Cyware News – Latest Cyber News

Siemens recently patched several vulnerabilities in its Sicam products that could be exploited to target the energy sector. The updates addressed two high-severity and one medium-severity flaws. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The Medusa banking trojan (aka TangleBot) operates as a malware-as-a-service, providing keylogging, screen controls, and SMS manipulation. Note that this operation is different from the ransomware gang and the Mirai-based botnet with the same name. This article has been indexed…

Read more →

The polyfill.io domain, which offers JavaScript code to add functionality to older browsers, has been compromised and is infecting over 100,000 websites with malware. The domain was purchased by a Chinese organization earlier this year. This article has been indexed…

Read more →

UK and US law enforcement agencies have collaborated to combat the Qilin ransomware gang, which has targeted the global healthcare industry through several recent attacks. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform. This article has been indexed from Cyware News…

Read more →

Although there was no evidence of data theft or lateral movement, the agency’s investigation revealed that unauthorized access to various sensitive information, including security plans and user accounts, may have occurred. This article has been indexed from Cyware News –…

Read more →

Cyble Research and Intelligence Labs (CRIL) researchers have discovered that a Russia-linked threat group known as UAC-0184 is targeting Ukraine using the XWorm remote access trojan (RAT). This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A critical security vulnerability, CVE-2024-5806, has been found in MOVEit Transfer, a popular file transfer software. The vulnerability allows attackers to bypass authentication checks and gain administrative access by sending manipulated requests. This article has been indexed from Cyware News…

Read more →

According to the Thales 2024 Cloud Security Study, 44% of organizations have experienced a cloud data breach, with 14% reporting incidents in the past year. Human error and misconfigurations were the top root causes, affecting 31% of cases. This article…

Read more →

Ta Van Tai, Nguyen Viet Quoc, Nguyen Trang Xuyen, and Nguyen Van Truong are accused of conducting phishing campaigns and supply chain compromises to orchestrate cyberattacks and steal millions of dollars. This article has been indexed from Cyware News –…

Read more →

The FBI has issued a warning about cybercriminals pretending to be law firms and lawyers offering cryptocurrency recovery services. These scammers target victims of investment scams, stealing funds and personal information. This article has been indexed from Cyware News –…

Read more →

SpyMax does not require the targeted device to be rooted, making it easier for threat actors to cause damage. Once installed, SpyMax gathers personal information from the infected device without user consent and sends it to a remote threat actor.…

Read more →

P2PInfect, a previously dormant peer-to-peer malware botnet, has recently become active and is now targeting Redis servers. The botnet has introduced new features like cron-based persistence mechanisms and SSH lockout. This article has been indexed from Cyware News – Latest…

Read more →

Unlike previous methods, SnailLoad doesn’t require a person-in-the-middle attack or hacking the target’s Wi-Fi. Instead, it lets a remote attacker infer websites and content viewed by a user without accessing their network traffic directly. This article has been indexed from…

Read more →

AI is not new to cybersecurity, but generative AI is causing concern as it impacts organizations. A study found that AI-generated threats have already affected 75% of organizations, yet 60% are not prepared to handle AI-based attacks. This article has…

Read more →

The U.S. Department of Energy has released a new framework of best practices for securing clean energy cyber supply chains, focusing on key technologies used in managing electricity, oil, and natural gas systems. This article has been indexed from Cyware…

Read more →

A new command execution technique called “GrimResource” has been discovered that leverages a combination of specially crafted Microsoft Saved Console (MSC) files and an unpatched Windows XSS flaw. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The Boolka group is responsible for deploying advanced malware and conducting web attacks. They have been exploiting vulnerabilities using SQL injection attacks since 2022, targeting websites in various countries. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Multiple WordPress plugins have been found to contain a backdoor that injects malicious code. This code allows attackers to create unauthorized administrator accounts, enabling them to perform malicious actions. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The Ransomhub ransomware group’s modus operandi involves encrypting data and leveraging access to SCADA systems to disrupt essential functions, as evidenced in their recent breach. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

SmokeLoader acts as a loader for other malware, once it is executed it will inject malicious code into the currently running explorer process (explorer.exe) and download another payload to the system. This article has been indexed from Cyware News –…

Read more →

Security updates have been promptly released to address these critical vulnerabilities in multiple WordPress plugins. SingCERT reported 9 critical plugin vulnerabilities and shared the mitigation strategies to avoid exploration by threat actors. This article has been indexed from Cyware News…

Read more →

As digital transformation accelerates, understanding how businesses are preparing for and implementing digital ID technologies is crucial for staying ahead in security and efficiency, according to Regula. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

According to the new update, threat actors exploited zero-day flaws in Ivanti Connect Secure (ICS) and created rogue virtual machines (VMs) within the organization’s VMware environment. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The augmentations concern the Border Gateway Protocol, a backbone data transmission algorithm that determines the optimal path for data packets to move across networks, said National Cyber Director Harry Coker This article has been indexed from Cyware News – Latest…

Read more →

While fears of cyberattacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint. This article has been indexed from Cyware News – Latest…

Read more →

One campaign uses HTML smuggling to hide the phishing content from network inspection. The other uses a method called transparent phishing, where the attacker uses Cloudflare Workers to act as a reverse proxy server for a legitimate login page. This…

Read more →

The Australian Communications and Media Authority said it has filed proceedings against Optus in a federal court as the company failed to protect sensitive customer data during a data breach in September 2022 that affected close to 10 million people.…

Read more →

The frequency and severity of attacks are increasing—yet most businesses remain unprepared, according to VikingCloud. Between a growing talent shortage, alert fatigue, and new sophisticated attack methods, companies are more susceptible than ever. This article has been indexed from Cyware…

Read more →

Cybersecurity researchers at Datadog Security Labs discovered malicious software packages targeting MacOS users through the Python Package Index (PyPI) and NPM repository. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Malicious PyPI…

Read more →

CERT-UA reports that research following the initial discovery of this attack revealed at least five potential breaches by the same files in financial and insurance institutions across Europe and the United States. This article has been indexed from Cyware News…

Read more →

Cloud applications and SaaS tools have countless configuration options that are often poorly documented and can change frequently, making it difficult to ensure they are securely configured. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Europe’s leading research universities should work more closely with the continent’s intelligence agencies to help secure their research from being stolen by hostile states, EU member states recommended this week. This article has been indexed from Cyware News – Latest…

Read more →

Researchers at Trellix Advanced Research Center spotted fake AV sites used to distribute info-stealers. The malicious websites hosted sophisticated malicious files such as APK, EXE, and Inno setup installer, including spying and stealer capabilities. This article has been indexed from…

Read more →

According to a report by Malwarebytes, cybercriminals prepared for the product launch, setting up malicious advertisements on Google Search to lure users looking to download the new web browser. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Cisco states that there are no workarounds that address this vulnerability. The IT giant has confirmed that this vulnerability does not affect Adaptive Security Appliance (ASA) Software or Firepower Threat Defense (FTD) Software. This article has been indexed from Cyware…

Read more →

Security researchers have revealed a series of criminal campaigns that exploit cloud storage services such as Amazon S3, Google Cloud Storage, Backblaze B2 and IBM Cloud Object Storage. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Forcepoint X-Labs has recently observed a significant number of phishing email instances in their telemetry targeting various government departments in APAC that masquerade as PDF viewer login pages. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

“This guidance helps organizations disrupt malicious cyber activity by applying granular access control and visibility to applications and workloads in modern network environments,” said Dave Luber, director of cybersecurity at NSA. This article has been indexed from Cyware News –…

Read more →

The threat actors demonstrate increased caution in selecting their targets, broadening their reconnaissance efforts, and adopting Cobalt Strike Beacon over custom backdoors. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Sharp Dragon…

Read more →

BLOODALCHEMY is an updated version of Deed RAT, which is believed to be a successor to ShadowPad malware. It has been used in attacks targeting government organizations in Southern and Southeastern Asia. This article has been indexed from Cyware News…

Read more →

Effective, updated policies are foundational to an organization’s cybersecurity strategy in this new era of AI-driven attacks. CISOs must proactively adapt their email security approach to protect against the latest social engineering threats. This article has been indexed from Cyware…

Read more →

An improper access control bug in Apache Flink that was fixed in January 2021 has been added to the US government’s Known Exploited Vulnerabilities Catalog, meaning criminals are right now abusing the flaw in the wild to compromise targets. This…

Read more →

Bugcrowd CEO Dave Gerry said their acquisition of Brighton, England-based Informer will fuel the adoption of Bugcrowd’s penetration testing technology and prompt clients to expand the scope of their bug bounty programs. This article has been indexed from Cyware News…

Read more →

“Rather than scam or phish everyday people directly for gift card-based payments, Storm-0539 infiltrates large retailers and fraudulently issues gift card codes to themselves, virtually printing their own money,” Microsoft’s Vasu Jakkal explained. This article has been indexed from Cyware…

Read more →

The security flaw (tracked as CVE-2024-4835) is an XSS weakness in the VS code editor (Web IDE) that lets threat actors steal restricted information using maliciously crafted pages. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

A requirement for the Pentagon to commission an independent study on the creation of a U.S. Cyber Force was added late Wednesday to the House version of the defense policy bill. This article has been indexed from Cyware News –…

Read more →

Siloed approaches to securing human and machine identities are driving identity-based attacks across enterprises and their ecosystems, according to a new report by CyberArk. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The security issue was discovered internally by Google’s Clément Lecigne and is tracked as CVE-2024-5274. It is a high-severity ‘type confusion’ in V8, Chrome’s JavaScript engine responsible for executing JS code. This article has been indexed from Cyware News –…

Read more →

“Through ongoing monitoring and collaboration with cyber authorities, we identified attempts to replace our Viewer 8.3.7 software with a compromised file,” the company said in a statement on Thursday. This article has been indexed from Cyware News – Latest Cyber…

Read more →

National Cyber Director Harry Coker Jr. said the administration is taking actions to strengthen key critical infrastructure sectors, including healthcare and water utilities, and will pursue additional steps to fight ransomware and boost resilience. This article has been indexed from…

Read more →

The Police Service of Northern Ireland (PSNI) is bracing for a hefty £750,000 (~$952k) fine following last year’s data breach. The PSNI data breach saw the exposure of the personal information of approximately 10,000 officers and staff. This article has…

Read more →

The threat actor searches for sensitive information related to diplomatic and economic missions, embassies, military operations, political meetings, ministries of targeted countries, and high-ranking officials. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The KeyPlug backdoor has been developed to target both Windows and Linux operative systems and use different protocols to communicate which depend on the configuration of the malware sample itself. This article has been indexed from Cyware News – Latest…

Read more →

One of them called ORB3/SPACEHOP is described as “a very active network leveraged by multiple China-nexus threat actors, including APT5 and APT15” for reconnaissance and vulnerability exploitationl This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Bolster, an AI startup, has raised $14 million in funding led by Microsoft’s M12 to combat malicious phishing emails. Their flagship product, CheckPhish, offers brand and URL verification services to businesses. This article has been indexed from Cyware News –…

Read more →

The cybersecurity business is booming, and cyberattacks are fueling its growth. Global spending on security and risk management is on pace to reach $215 billion this year, up 30% from almost $165 billion in 2022, according to Gartner. This article…

Read more →

Georgia resident Malachi Mullings received a decade-long sentence for laundering money scored in scams against healthcare providers, private companies, and individuals to the tune of $4.5 million. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The research program will be led by researcher Shahar Avin at the government’s AI Safety Institute and delivered in partnership with UK Research and Innovation and The Alan Turing Institute. This article has been indexed from Cyware News – Latest…

Read more →

Development teams need to plan ahead and create shareable SBOMs that are standardized in a format that’s readily consumable while also establishing scalable systems for attestation, access management, and data verification, among other factors. This article has been indexed from…

Read more →

A politically motivated hacking group aligned with Pakistani interests is matching the Indian military’s shift away from the Windows operating system with a heavy focus on malware encoded for Linux. This article has been indexed from Cyware News – Latest…

Read more →

A top Microsoft executive will testify next month before the House Committee on Homeland Security on recent cyberattacks that impacted the company and its customers, and Microsoft’s revitalized security strategy. This article has been indexed from Cyware News – Latest…

Read more →

Around 16 different independent hacktivist groups are targeting Indian elections, including Anon Black Flag Indonesia, Anonymous Bangladesh, and Morocco Black Cyber Army, among others. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Bitdefender researchers who discovered the threat group report that its operations align with Chinese geo-political interests, focusing on intelligence collection and espionage. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Chinese Hackers…

Read more →

Microsoft’s new automatic screenshot retrieval feature could enable hackers to steal sensitive information such as online banking credentials, security experts warned. Additionally, the U.K ICO will probe Recall for compliance with privacy law. This article has been indexed from Cyware…

Read more →

Much of the testimony – and concerns raised by the committee – focused on the AI advantages for cybercriminals and nation-state actors, advantages that cybersecurity officials say must be countered by increasingly building AI into products. This article has been…

Read more →

This campaign, active since at least 2021, has targeted over 30 victims in various countries, primarily in Africa and the Middle East, with government agencies being the main victims. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Delivered via a phishing email attachment, the malicious file makes use of the hidden right-to-left override (RLO) Unicode character (U+202E) to reverse the order of the characters that come after that character in the string. This article has been indexed…

Read more →

According to Arctic Wolf, 66% of organizations that suffered a data breach in the last year chose to publicly disclose information regarding their incidents, while 30% only disclosed their breaches to impacted parties. This article has been indexed from Cyware…

Read more →

The joint Snowflake and Anvilogic solution would lead to reduced costs — on the order of 50% to 80%, the companies claim — and will eventually replace legacy SIEM platforms, argues Karthik Kannan, CEO of Anvilogic. This article has been…

Read more →

pcTattletale allows remote monitoring of Android or Windows devices and their data. The app claims to run invisibly in the background, undetectable on the target’s workstation. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Apple is one of several companies, along with Google, Skyhook, and others, that operate a WPS. They offer client devices a way to determine their location that’s more energy efficient than using the Global Positioning System (GPS). This article has…

Read more →

Rockwell Automation warned customers to disconnect industrial control systems (ICS) from the internet, citing escalating cyber threats and rising global geopolitical tensions. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Rockwell Automation…

Read more →

Former White House National Security Council cyber staff member Jeff Greene, the current cybersecurity programs director at the Aspen Institute think tank, is joining the CISA next month, the agency confirmed. This article has been indexed from Cyware News –…

Read more →

The U.S. Securities and Exchange Commission (SEC) announced today that a major player in the U.S. financial system has agreed to pay a $10 million penalty for failing to timely report an April 2021 VPN breach. This article has been…

Read more →

CloudSEK researchers found the fake spyware after perusing around 25,000 posts of individuals offering Pegasus and other NSO tools via channels on the messaging service Telegram. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The MDR business was stood up in 2018 as a standalone unit within Novacoast, and rebranded in September 2022 from novaSOC to Pillr. Novacoast CEO Paul Anderson served as Pillr’s chief executive for most of its existence. This article has…

Read more →

There are plenty of widely-used code snippet plugins available but in this case the attackers decided to use a very obscure plugin called Dessky Snippets, with only a few hundred active installations at the time of writing. This article has…

Read more →

Over 70% of water systems surveyed since last September failed to meet certain EPA security standards, leaving them vulnerable to cyberattacks that could disrupt wastewater and water sanitation systems nationwide, the EPA reported on Monday. This article has been indexed…

Read more →

A malicious crypto mining campaign codenamed ‘REF4578,’ has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off security products and deploy an XMRig miner. This article has been indexed from Cyware News – Latest…

Read more →

The US government’s Advanced Research Projects Agency for Health (ARPA-H) has pledged more than $50 million to fund the development of technology that aims to automate the process of securing hospital IT environments. This article has been indexed from Cyware…

Read more →

Instant messaging app Snapchat its artificial intelligence-powered tool under compliance after the U.K. data regulator said it violated the privacy rights of individual Snapchat users. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Cybersecurity researchers and Internet of Things (IoT) technology companies say they worked together to eliminate four software vulnerabilities that could have given malicious hackers deep access to networks. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The core of SolarMarker’s operations is its layered infrastructure, which consists of at least two clusters: a primary one for active operations and a secondary one likely used for testing new strategies or targeting specific regions or industries. This article…

Read more →

Authelia is an open-source authentication and authorization server that offers 2FA and SSO for applications through a web portal. It works alongside reverse proxies to permit, deny, or redirect requests. This article has been indexed from Cyware News – Latest…

Read more →

Over 100 medical associations and industry groups, representing thousands of U.S. doctors and healthcare professionals, have urged the HHS to hold Change Healthcare accountable for breach notifications following a massive February ransomware attack. This article has been indexed from Cyware…

Read more →

To enable E2EE, all meeting participants must join from the Zoom desktop or mobile app. While those hosting a meeting on a free account can use E2EE, they will still need to verify their phone number via an SMS-delivered code.…

Read more →

?Veeam warned customers today to patch a critical security vulnerability that allows unauthenticated attackers to sign into any account via the Veeam Backup Enterprise Manager (VBEM). This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The Open Source Security Foundation (OpenSSF) announced a new email mailing list named Siren that aims to spread threat intelligence related to open-source projects. It will be publicly viewable and will only require registration to post on the list. This…

Read more →

An extensive security audit of QNAP QTS, the operating system for the company’s NAS products, has uncovered fifteen vulnerabilities of varying severity, with eleven remaining unfixed. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Void Manticore utilizes five different methods to conduct disruptive operations against its victims. This includes several custom wipers for both Windows and Linux, alongside manual deletion of files and shared drives. This article has been indexed from Cyware News –…

Read more →

Germany is considering banning the use of Huawei and ZTE equipment in its 5G networks due to national security concerns, despite industry opposition and the potential high costs associated with the removal of the Chinese-made technology. This article has been…

Read more →

The Jumio 2024 Online Identity Study reveals that while consumers are increasingly concerned about the risks posed by deepfakes and generative AI, they continue to overestimate their ability to detect these deceptions. This article has been indexed from Cyware News…

Read more →

The CISA has required federal agencies to update to a patched version of Mirth Connect (version 4.4.1 or later) by June 10, 2024, to secure their networks against active threats. This article has been indexed from Cyware News – Latest…

Read more →

Cybersecurity researchers have discovered a critical vulnerability, dubbed “Linguistic Lumberjack,” in the popular logging and metrics utility Fluent Bit that could allow for denial-of-service (DoS), information disclosure, or remote code execution. This article has been indexed from Cyware News –…

Read more →

Researchers at Genians Security Center (GSC) identified the North Korea-linked Kimsuky APT group targeting victims via Facebook Messenger, using fake accounts posing as South Korean officials to deliver malware. This article has been indexed from Cyware News – Latest Cyber…

Read more →

An attorney discovered that the mobile ads she saw were reflecting her recent library audiobook borrowing habits, raising concerns about the privacy of library patron data and the potential for targeted advertising based on that information. This article has been…

Read more →

Cybercriminals’ new tactics led to a 64% increase in ransomware claims in 2023, driven by a 415% rise in “indirect” incidents and remote access vulnerabilities, pressuring more victims to pay ransoms, according to At-Bay. This article has been indexed from…

Read more →

Researchers at Horizon3.ai discovered a critical remote code execution vulnerability (CVE-2023-34992) in Fortinet FortiSIEM, allowing unauthenticated attackers to execute commands as root users and gain access to sensitive information. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The acquisition will allow CyberArk to expand its capabilities in securing machine-to-machine communications and address the growing attack surface in the cloud-first, AI-driven, and post-quantum world. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →