Czech transport minister Martin Kupka confirmed that Russia-linked threat actors conducted “thousands of attempts to weaken our systems” since the beginning of the Russian invasion of Ukraine. This article has been indexed from Cyware News – Latest Cyber News Read…
Category: Cyware News – Latest Cyber News
New Bill Would Create a Governing Body for Water System Cyber Standards
A measure led by two House Republicans would enable the Environmental Protection Agency to certify a governing body to develop and recommend cybersecurity requirements for water treatment and wastewater systems. This article has been indexed from Cyware News – Latest…
Russian Sandworm Group Using Novel Backdoor to Target Eastern and Central Europe
The previously unreported backdoor, dubbed ‘Kapeka’, has a high level of stealth and sophistication, designed to both serve as an early-stage toolkit for its operators, and also to provide long-term access to the victim estate. This article has been indexed…
Several GTKWave Vulnerabilities Fixed in Debian
Recently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users. This article has been indexed…
T-Mobile, Verizon Workers Get Texts Offering $300 for SIM Swaps
According to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the systems required to perform a SIM swap. This article has been indexed from Cyware News –…
Update: Researchers Released Exploit Code for Actively Exploited Palo Alto Networks PAN-OS Bug
Researchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can be used to execute shell commands on vulnerable firewalls. This article has been indexed from Cyware…
Misinformation and Hacktivist Campaigns Targeting the Philippines Skyrocket
Amidst rising tensions with China in the South China Sea, Resecurity has observed a significant spike in malicious cyber activity targeting the Philippines in Q1 2024, increasing nearly 325% compared to the same period last year. This article has been…
BreachForums Down, But Not Out: Hackers Claim Attack, Admins Remain Unfazed
The domain of the notorious BreachForums data leak and hacking forum has been taken down by rival threat actors. The threat actor group, R00TK1T, along with the Cyber Army of Russia, announced a breach of user data following the takedown.…
From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering
To craftily pose as its chosen personas, TA427 uses a few tactics including DMARC abuse in concert with free email addresses, typosquatting, and private email account spoofing. This article has been indexed from Cyware News – Latest Cyber News Read…
Top Officials Again Push Back on Ransom Payment Ban
Due to multiple reasons, the Institute for Security and Technology’s Ransomware Task Force threw cold water on the need for a ransomware payment ban in a report released Wednesday. This article has been indexed from Cyware News – Latest Cyber…
Report: Bad Bots Drive 10% Annual Surge in Account Takeover Attacks
Internet traffic associated with malicious bots now accounts for a third (32%) of the total, driving a 10% year-on-year (YoY) increase in account takeover (ATO) attacks last year, according to Imperva. This article has been indexed from Cyware News –…
FTC Bans Online Mental Health Firm From Sharing Certain Data
The FTC in its complaint against Cerebral Inc. and the company’s former CEO Kyle Robertson, alleges unfair or deceptive practice violations of the FTC Act and the Opioid Act, which pertains to substance use disorder treatment services. This article has…
Microsoft will Limit Exchange Online Bulk Emails to Fight Spam
“Exchange Online enforces a Recipient Rate limit of 10,000 recipients. The 2,000 ERR limit will become a sub-limit within this 10,000 Recipient Rate limit,” the Exchange Team said on Monday. This article has been indexed from Cyware News – Latest…
Blackjack Group Used ICS Malware Fuxnet Against Russian Targets
The attack chain sees hackers targeting a list of sensor gateways IPs. Threat actors distributed their malware to each target, likely either through remote-access protocols such as SSH or the sensor protocol (SBK) over port 4321. This article has been…
Report: Microsoft Most Impersonated Brand in Phishing Scams
Microsoft was impersonated in 38% of all brand phishing attacks in Q1 2024, according to new data from Check Point. Google was the second most impersonated brand in Q1 2024, making up 11% of attempts. This article has been indexed…
New SteganoAmor Attacks Use Steganography to Target 320 Organizations Globally
The attacks begin with malicious emails containing seemingly innocuous document attachments (Excel and Word files) that exploit the CVE-2017-11882 flaw, a commonly targeted Microsoft Office Equation Editor vulnerability fixed in 2017. This article has been indexed from Cyware News –…
Law Firm to Pay $8M to Settle Health Data Hack Lawsuit
Orrick Herrington & Sutcliffe’s proposed agreement with plaintiffs, filed last week in a northern California federal court, settles four proposed consolidated class action lawsuits filed against it in the wake of the March 2023 hacking incident. This article has been…