Threat actors are actively engaging in domain fraud, brand impersonation, and Ponzi schemes targeting the retail sector, which plays a significant role in the global economy. This article has been indexed from Cyware News – Latest Cyber News Read the…
Category: Cyware News – Latest Cyber News
Hackers Have Sights Set on Four Microsoft Vulnerabilities, CISA Warns
Federal civilian agencies have until the end of the month to address these issues. The vulnerabilities are part of Microsoft’s monthly security release, with CVE-2024-43491 considered the most concerning due to its severity score.
Critical Severity Flaw Exposes Siemens Industrial Systems
This flaw, tracked as CVE-2024-35783 and with a CVSS score of 9.4, affects SIMATIC Process Historian, PCS 7, and WinCC, allowing attackers to gain elevated privileges and execute arbitrary commands.
Fake Recruiter Coding Tests Target Developers With Malicious Python Packages
The Lazarus Group has been targeting developers in a new VMConnect campaign, using fake job interviews to trick them into downloading malicious software packages from open-source repositories.
SolarWinds Reveals RCE Flaw in Access Rights Manager
SolarWinds has disclosed two vulnerabilities in their Access Rights Manager (ARM) software: CVE-2024-28990 (CVSS 6.3) allows for a hardcoded credential authentication bypass, while CVE-2024-28991 (CVSS 9.0) enables remote code execution.
Update: Hackers Target Apache OFBiz RCE Flaw CVE-2024-45195 After PoC Exploit Released
Hackers are targeting an RCE vulnerability (CVE-2024-45195) in Apache OFBiz after the release of a Proof of Concept (PoC) exploit. Malicious requests have been detected, with attacks focusing on the financial services industry and business sectors.
Chinese-speaking Hackers Linked to DragonRank SEO Manipulator Service
By exploiting web app services, the attackers deploy a web shell to launch malware and gather credentials, compromising IIS servers to spread the BadIIS malware. The malware facilitates proxyware and SEO fraud by manipulating search engine rankings.
Iranian APT Hackers Target Iraqi Government in New Espionage Campaign
The group deployed sophisticated malware named Veaty and Spearal against Iraqi targets, using distinctive command and control mechanisms, including a custom email-based channel identified within the Veaty malware.
Two Critical RCE Flaws Discovered in Docker Desktop
Two critical remote code execution (RCE) flaws, identified as CVE-2024-8695 and CVE-2024-8696, have been uncovered in Docker Desktop, a popular tool for containerized application development.
New Linux Malware ‘Hadooken’ Targets Oracle WebLogic Applications
A new Linux malware named Hadooken is targeting Oracle WebLogic servers, dropping Tsunami malware and deploying a cryptominer. WebLogic servers are vulnerable to cyberattacks due to flaws like deserialization and weak access controls.
Adobe Completes Fix for Reader Bug with Known PoC Exploit
Adobe has completed a fix for a critical bug in Reader with a known Proof of Concept (PoC) exploit for CVE-2024-41869. The update also addresses another critical flaw, CVE-2024-45112, in various versions of Acrobat and Reader.
Global Cybersecurity Workforce Growth Flatlines, Stalling at 5.5 Million Pros
According to ISC2, the global cybersecurity workforce growth has stagnated at 5.5 million professionals, increasing by just 0.1% in a year, marking the sector’s first stall since 2019.
Inc Ransom Attack Analysis: Extortion Methodologies
The attack lifecycle involved initial access gained through a firewall vulnerability, followed by enumeration of network shares and lateral movement using Impacket and pass-the-hash attacks.
DockerSpy: Search for Images on Docker Hub, Extract Sensitive Information
Created to combat data leaks within publicly available Docker images, DockerSpy automates the process of scanning for secrets to enhance security and compliance. Its scanning engine can identify various secret types and provides detailed analysis.
India Needs Better Cybersecurity for Space Systems
Dr. Sreedhara Panicker Somanath, chairman of the Indian Space Research Organization, emphasized the importance of cybersecurity for the entire system during the recent inauguration of a cybersecurity training center.
Microsoft Fixes Windows Smart App Control Zero-Day Exploited Since 2018
Threat actors have been using this flaw, now labeled as CVE-2024-38217, to bypass Smart App Control and MotW security features to run potentially dangerous applications without warnings.
Cybersecurity is a Fundamental Component of Patient Care and Safety
A multipronged cybersecurity approach is necessary for the healthcare sector, involving technology investments, staff training, and collaboration between stakeholders to develop industry-wide standards and best practices.
Cyber Staffing Shortages Remain CISOs’ Biggest Challenge
A recent report by Command Zero highlights the struggles CISOs and their teams are dealing with, including navigating the skills gap in the cyber field and operating commonly used tools effectively.
Kali Linux 2024.3 Released: 11 New Tools, Qualcomm Snapdragon SDM845 SoC Support
Kali Linux 2024.3 has been released with 11 new tools and added support for Qualcomm Snapdragon SDM845 SoC devices. This release emphasizes behind-the-scenes updates and optimization.
New RansomHub Attack Uses TDSSKiller and LaZagne, Disables EDR
The RansomHub ransomware gang has been found using Kaspersky’s TDSSKiller tool to disable EDR software on target systems, allowing for credential harvesting with LaZagne.
New PIXHELL Acoustic Attack Leaks Secrets From LCD Screen Noise
New acoustic attack named ‘PIXHELL’ can leak secrets from air-gapped systems through LCD monitors without speakers. Malware modulates pixel patterns to induce noise in the 0-22 kHz range, allowing data exfiltration up to 2 meters at 20 bps.
Microsoft Discloses Four Zero-Days in September Update
Microsoft recently revealed four zero-day vulnerabilities in its September update, part of the Patch Tuesday release containing 79 vulnerabilities, making it the fourth-largest release of the year.
Exploiting CI/CD Pipelines for Fun and Profit
On September 8, 2024, a significant exploit chain was discovered, starting from a publicly exposed .git directory, leading to a full server takeover. The vulnerabilities stem from websites exposing their .git folders.
ToneShell Backdoor Targets IISS Defence Summit Attendees in Latest Espionage Campaign
The ToneShell backdoor, attributed to the Mustang Panda cyber espionage group, has resurfaced in a new attack targeting attendees of the 2024 IISS Defence Summit in Prague.
DoJ Distributes $18.5 Million to Western Union Fraud Victims
The U.S. Department of Justice has distributed $18.5m to about 3000 victims of fraud facilitated by Western Union. This is part of the second phase of the Western Union Remission program, which aims to fully compensate victims.
Tech Stack Uniformity has Become a Systemic Vulnerability
By recognizing the importance of diversity in technology stacks and incorporating it into security protocols and incident response plans, companies can proactively protect their infrastructure and reduce the likelihood of catastrophic events.
Security Budgets Continue Modest Growth, but Staff Hiring Slows Considerably, Research Finds
Security budgets are seeing modest growth in 2024, with an 8% increase compared to a 6% growth in 2023. However, hiring of security staff has significantly slowed down, according to a report by IANS Research and Artico Search.
AI Cybersecurity Needs to be as Multi-Layered as the System it’s Protecting
LLMs can be manipulated to generate harmful outputs through malicious prompts, posing risks to enterprises. To counter these attacks, companies must focus on the design, development, deployment, and operation of their AI systems.
Quad7 Botnet Targets More SOHO and VPN Routers, Media Servers
Quad7 botnet is expanding its reach by targeting additional SOHO devices with custom malware for Zyxel VPN appliances, Ruckus wireless routers, and Axentra media servers, in addition to previously reported TP-Link and ASUS routers.
CISA adds SonicWall SonicOS, ImageMagick, and Linux Kernel Bugs to its Known Exploited Vulnerabilities catalog
The ImageMagick vulnerability (CVE-2016-3714) could allow remote code execution through crafted images. Linux Kernel flaw (CVE-2017-1000253) enables privilege escalation for unpatched systems.
DHS Cyber Review Board Will Announce Next Investigation ‘Soon’
The DHS Cyber Safety Review Board, led by Homeland Security officials, is preparing to announce its next investigation soon, as hinted by DHS undersecretary Rob Silvers. Silvers mentioned criteria for incident review but did not reveal details.
Chinese ‘Crimson Palace’ Espionage Campaign Keeps Hacking Southeast Asian Governments
A sophisticated trio of Chinese cyberespionage groups known as Cluster Alpha, Cluster Bravo, and Cluster Charlie are behind the Crimson Palace espionage campaign targeting government organizations in Southeast Asia.
Siemens Issues Critical Security Advisory for User Management Component (UMC)
Siemens has issued a critical security advisory for its User Management Component (UMC), revealing a heap-based buffer overflow vulnerability (CVE-2024-33698) with a 9.3 CVSS score.
OpenZiti: Secure, Open-Source Networking for Your Applications
OpenZiti is an open-source networking project that embeds zero-trust principles directly into applications, offering features like strong identity, mTLS, E2EE, private DNS, and smart routing.
CosmicBeetle Upgrades Arsenal with New ScRansom Ransomware to Target SMBs
CosmicBeetle has unleashed a new ransomware called ScRansom, targeting SMBs in Europe, Asia, Africa, and South America, possibly working with RansomHub. The threat actor swapped its Scarab ransomware for ScRansom, showing ongoing enhancements.
Windows Elevation of Privilege Flaw Exploited by QakBot Malware, PoC Published
The flaw, rated 7.8 on the CVSS scale, involves a heap-based buffer overflow in the Desktop Window Manager core library, allowing attackers to execute arbitrary code with SYSTEM privileges.
FBI Report Says Cryptocurrency Scams Surged in 2023
According to an FBI report, cryptocurrency scams surged in 2023, leading to victims reporting $5.6 billion in financial losses associated with crypto schemes, a 45% increase from the previous year.
Earth Preta Upgrades Attack Strategy via Removable Drives
The HIUPAN worm allows Earth Preta to propagate malware into networks via removable drives, maintaining persistence by modifying registry values and creating autorun entries.
Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes Released for End-of-Support Products
Zyxel has released critical hotfixes for its end-of-support NAS devices, NAS326 and NAS542, to address a severe command injection vulnerability (CVE-2024-6342) with a CVSS score of 9.8.
UK: National Crime Agency, Responsible for Fighting Cybercrime, ‘On Its Knees,’ Warns Report
The agency is losing nearly a fifth of its cyber capacity annually due to a broken pay system, leading to increased costs with temporary labor and consultants making up over 10% of its budget.
Reputation Hijacking With JamPlus: A Maneuver To Bypass Smart App Control (SAC)
The initial infection involves downloading a malicious package containing a legit CapCut app, JamPlus utility, and a malicious script. The script triggers the download and execution of the final payload from a remote server.
FreeBSD Issues Urgent Security Advisory for CVE-2024-43102 (CVSS 10)
FreeBSD has issued an urgent security advisory for CVE-2024-43102, a critical vulnerability with a CVSS score of 10. This flaw in the _umtx_op system call can lead to a kernel panic or code execution, jeopardizing system security.
Gallup Poll Bugs Open Door to XSS Attacks
Checkmarx researchers discovered two XSS vulnerabilities on Gallup’s polling site, which could allow attackers to access sensitive data, execute arbitrary code, or take over accounts.
Experts Demonstrate How to Bypass WhatsApp View Once Feature
This flaw affects the browser-based web app, enabling recipients to save pictures and videos that should disappear after being viewed. While the app prohibits users from taking screenshots, this bug circumvents that protection.
German Cyber Agency Investigating APT28 Phishing Campaign
The German cyber agency is investigating a phishing campaign linked to Russian state hackers APT28, who mimicked a well-known think tank’s website. The hackers created a fake domain resembling the Kiel Institute for the World Economy.
CISA Flags ICS Bugs in Baxter, Mitsubishi Products
CISA has identified vulnerabilities in industrial control system products from Baxter and Mitsubishi that are commonly used in healthcare and critical manufacturing sectors. Both the firms have released advisories with mitigation measures.
Poland Dismantles Cyber Sabotage Group Linked to Russia, Belarus
Poland has dismantled a cyber sabotage group with links to Russia and Belarus. The group attempted to disrupt the country through cyberattacks, extorting information from local government agencies and state companies related to security matters.
Kimsuky-linked Hackers Use Similar Tactics to Attack Russia and South Korea
Known as Konni, the threat actor uses similar tactics in both countries since at least 2021, targeting entities like the Russian Ministry of Foreign Affairs, the Russian Embassy in Indonesia, and South Korean businesses, including a tax law firm.
Predator Spyware Roars Back with New Infrastructure, Evasive Tactics
Researchers have warned of the resurgence of Predator spyware, previously thought to be inactive due to sanctions and exposure, thanks to new infrastructure and evasive tactics.
Chinese APT Group Abuses Visual Studio Code to Target Government in Asia
Chinese APT group Stately Taurus exploited Visual Studio Code to target government entities in Southeast Asia for cyberespionage. They utilized the software’s reverse shell feature to infiltrate networks, a technique first detected in 2023.
Underground Demand for Malicious LLMs is Robust
The underground market for malicious large language models (LLMs) is thriving, according to researchers from Indiana University Bloomington. They found 212 malicious LLMs for sale from April through September 2024.
‘TIDrone’ Cyberattackers Target Taiwan’s Drone Manufacturers
TIDrone, linked to Chinese-speaking groups, deploys advanced malware through ERP software or remote desktop tools. Trend Micro identified the threat actor as actively pursuing military and satellite industrial supply chains in Taiwan.
Key Cyber Insurance Stakeholders Urge Government To Help Close $900B in Uncovered Risk
Marsh McLennan and Zurich Insurance Group have issued a white paper highlighting the need for a public-private partnership to help close this significant coverage gap, which poses a threat to both businesses and the economy.
Cybercriminals Target Latin American Banks with Mekotio, BBTok, and Grandoreiro Trojans
These campaigns aim to steal sensitive banking credentials using innovative tactics, expanding beyond traditional regions like Brazil and Argentina to industries such as manufacturing, retail, and financial services.
Moody’s Ratings: Cyber Insurance Competition Up, Prices Down
Moody’s Ratings reported that competition in the cyber insurance market is increasing, leading to a decrease in prices, with new players entering the market despite concerns about systemic risk.
PoC Exploit Releases for Windows Elevation of Privilege Vulnerability (CVE-2024-26230)
A PoC exploit for an Elevation of Privilege vulnerability in Windows has been released by a security researcher. This exploit targets a flaw in the Windows Telephony service, allowing attackers to gain SYSTEM privileges on affected systems.
Homeland Security Hopes to Scuttle Maritime Cyber-Threats
The U.S. Department of Homeland Security (DHS) has issued a request for information to assess the security of technology at ports in order to develop a Maritime Port Resiliency and Security Research Testbed.
CAMO Unveiled: How Cybercriminals Exploit Legitimate Software for Stealthy Attacks
CAMO, short for Commercial Applications, Malicious Operations, showcases how cybercriminals are increasingly utilizing legitimate IT tools to evade security measures and conduct stealthy attacks.
Musician Charged With $10M Streaming Royalties Fraud Using AI and Bots
North Carolina musician Michael Smith has been indicted for allegedly scamming over $10 million in royalty payments from Spotify, Amazon Music, Apple Music, and YouTube Music through a massive streaming fraud scheme.
New RAMBO Attack Steals Data Using RAM in Air-Gapped Computers
The attack involves malware manipulating the computer’s RAM to emit controlled electromagnetic radiation that can transmit data to nearby recipients. The attack, created by Israeli researchers, leverages memory access patterns to modulate the RAM.
Critical Kibana Flaws Expose Systems to Arbitrary Code Execution
A couple of critical vulnerabilities in Kibana, tracked as CVE-2024-37288 and CVE-2024-37285, can lead to arbitrary code execution. Elastic urges an immediate update to version 8.15.1.
Sextortion Scam Now Use Your “Cheating” Spouse’s Name as a Lure
A new sextortion scam variant is targeting spouses by claiming their partner is cheating on them and providing alleged proof in emails. These scams involve threatening to share compromising images or videos unless a payment is made.
HAProxy Vulnerability CVE-2024-45506 Under Active Exploit: Urgent Patching Required
This flaw in the HTTP/2 multiplexer can lead to an endless loop, system crashes, and remote denial-of-service attacks, with a CVSS score of 7.5. The vulnerability impacts HAProxy Enterprise, ALOHA, and Kubernetes Ingress Controller products.
Critical GeoServer Flaw Enabling Global Hack Campaigns
The flaw in GeoServer, tracked as CVE-2024-36401 and with a CVSS score of 9.8, was swiftly capitalized on by hackers who launched campaigns using botnet families and cryptominers to spread malicious tools like Goreverse, a reverse proxy server.
LummaC2 Stealer and Malicious Chrome Extension Wreak Havoc
This attack begins with victims unknowingly downloading a malicious ZIP archive containing an installer file that sideloads a malicious DLL. This DLL then downloads the LummaC2 Stealer and a PowerShell script from a command-and-control server.
SonicWall SSLVPN Access Control Flaw is Now Exploited in Akira Ransomware Attacks
Initially believed to only impact SonicOS management access, it has now been confirmed to affect SSLVPN on SonicWall firewalls, including by Akira ransomware affiliates targeting accounts with disabled MFA and outdated firmware versions.
Unmasking PackXOR: The FIN7 Packer Exposed
Despite its connection to FIN7, other threat actors have also employed PackXOR to distribute payloads like XMRig cryptominer and R77 rootkit, often in conjunction with SilentCryptoMiner.
Absolute Purchases Syxsense to Tackle Cyber Vulnerabilities
Absolute Security has acquired Syxsense, an endpoint and vulnerability management provider, to enhance its cyber resilience platform. The acquisition aims to simplify patching and remediation through automated workloads.
Feds Indicted Two Alleged Administrators of WWH Club Dark Web Marketplace
Two men from Russia and Kazakhstan, Alex Khodyrev and Pavel Kublitskii, have been indicted in Tampa, Florida, for operating the Dark Web cybercriminal marketplace WWH Club.
Feds Warn Health Sector to Patch Apache Tomcat Flaws
The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center highlighted the ongoing discovery of vulnerabilities in Tomcat that pose a risk to organizations.
Critical Flaw in IBM webMethods Integration Demand Immediate Action
IBM webMethods Integration Server is hit by a critical flaw (CVE-2024-45076) with a CVSS score of 9.9, demanding urgent attention. This flaw allows authenticated users to execute arbitrary commands, escalate privileges, and access sensitive files.
Red Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw (CVE-2024-7923)
Red Hat has issued a critical security advisory for an authentication bypass vulnerability (CVE-2024-7923) in Pulpcore, a content management system used in Red Hat Satellite deployments.
Apache fixes critical OFBiz remote code execution vulnerability
Apache has addressed a critical remote code execution vulnerability in its OFBiz software, which could allow attackers to run malicious code on Linux and Windows servers. OFBiz is a CRM and ERP suite that serves as a Java-based web framework.…
Veeam Backup & Replication Faces RCE Flaw Allows Full System Takeover
A critical Remote Code Execution (RCE) flaw, CVE-2024-40711, with a CVSS score of 9.8 has been discovered in Veeam Backup & Replication, allowing unauthorized attackers to take full control over systems.
New Stealthy Malware Campaign Dubbed DarkCracks Exploits GLPI and WordPress Sites
DarkCracks isn’t your typical malware campaign—it’s a sophisticated Launcher designed for long-term exploitation. It deploys malicious payloads through public websites, like school portals and booking systems, to infect unsuspecting users.
Fog Ransomware Now Targeting the Financial Sector
Fog, a variant of STOP/DJVU family, targets various sectors, exploiting VPN vulnerabilities to infiltrate network defenses. After infiltration, Fog ransomware disables protective measures, encrypts vital files, and demands ransom via the Tor network.
CyberVolk Ransomware: A New and Evolving Threat to Global Cybersecurity
CyberVolk, infamous for DDoS attacks and data breaches, has gained particular notoriety for its ransomware, detected in July 2024, due to its advanced features and capabilities.
Penpie DeFi platform files reports with FBI, Singapore police after $27 million crypto theft
The Penpie DeFi platform recently reported a $27 million cryptocurrency theft to the FBI and Singapore police. Hackers targeted the protocol, stealing ethereum and prompting Penpie to halt withdrawals and deposits.
Sami Khoury, Head of Canada’s Cyber Agency, Starts New Role in Government
Sami Khoury, the head of Canada’s cyber agency, is moving to a new role as the government’s senior official for cybersecurity after leading the Canadian Centre for Cyber Security (CCCS) since August 2021.
New Android SpyAgent Campaign Steals Crypto Credentials via Image Recognition
A new mobile malware called SpyAgent has been uncovered by McAfee’s Mobile Research Team. This malware targets mnemonic keys used for cryptocurrency wallets by scanning for images containing them on your device.
OpenStack Ironic Users Urged to Patch Critical Vulnerability
The flaw, discovered by security researchers at Red Hat and G-Research, could lead to unauthorized access to sensitive data through mishandled images processed by qemu-img.
US Posts Indictments, Rewards in Russia’s WhisperGate Hacks Against Ukraine
The US has indicted members of Russian military intelligence unit 29155 for cyber-operations including WhisperGate hacks against Ukraine, offering up to $10 million for information.
Critical Foreman Flaw Exposes Red Hat Satellite to Unauthorized Access
This authentication bypass flaw, with a CVSS score of 9.8 (the highest severity rating), could enable unauthorized users to gain administrative access to Red Hat Satellite, a commercial offering built on Foreman.
Hackers Linked to Russia and Belarus Increasingly Target Latvian Websites, Officials Say
Hackers from Russia and Belarus are increasingly targeting Latvian government and critical infrastructure websites in politically motivated cyberattacks, according to Latvian cybersecurity officials.
MuddyWater Hijacks RMM Software for Espionage
MuddyWater, an Iranian hacker group since 2017, has been using legitimate RMM software to target organizations globally, focusing on government, military, telecom, and oil sectors.
Report: 83% of Organizations Experienced at Least One Ransomware Attack in the Last Year
According to Onapsis, 83% of organizations experienced a ransomware attack in the past year. Of those, 46% experienced four or more attacks, and 14% faced 10 or more. The attacks resulted in at least 24 hours of downtime for 61%…
Goffloader: In-Memory Execution, No Disk Required
Praetorian has uncovered GoffLoader, an in-memory execution tool that allows security professionals to run BOF and unmanaged Cobalt Strike PE files directly in memory without writing to disk.
CVE-2024-26581 PoC Exploit Released: Linux Systems at Risk of Root Compromise
The CVE-2024-26581 PoC exploit has been disclosed, posing a risk to Linux systems by allowing root compromise. The flaw exists in the nft_set_rbtree function within the Linux kernel, enabling attackers to access sensitive data on affected systems.
Respotter: Open-Source Responder Honeypot
Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query.
White House Launches Cybersecurity Hiring Sprint To Help Fill 500,000 Job Openings
The White House has launched a cybersecurity hiring sprint to fill 500,000 job openings, part of a program to address the ongoing shortage in cyber, technology, and AI positions.
Malvertising Campaign Phishes Lowe’s Employees
The fake landing pages closely mimicked the real Lowe’s portal, prompting employees to enter their sales numbers, passwords, and security question answers, which then were sent to attackers.
Critical Vulnerability Discovered in Progress LoadMaster
Progress Software has alerted users to a critical vulnerability (CVE-2024-7591) in its LoadMaster ADC and load balancer solution. The flaw, with a CVSS score of 10, allows remote attackers to execute system commands without authentication.
Infosec Spending to Hit 3-Year Growth Peak, Reach $212B Next Year: Gartner
Global spending on information security is on track to reach nearly $212 billion next year, with a projected 15% increase from 2024. The majority of this spending is in security software, particularly in endpoint protection platforms.
Use of Predator Spyware Rebounds After a Dip From Biden Sanctions, Researchers Say
Despite facing sanctions, Predator has managed to attract new customers and has been detected in various countries, including the Democratic Republic of Congo and Angola.
Webmin/Virtualmin Vulnerability Opens Door to Loop DoS Attacks
A critical vulnerability (CVE-2024-2169) in Webmin/Virtualmin control panels allows for launching DoS attacks. This flaw reveals IP addresses through the UDP service on port 10000, enabling attackers to create a loop of traffic between servers.
Head Mare Hacktivist Group Targets Russia and Belarus
The group, active since at least 2023, exclusively targets companies in these countries. They use modern techniques to gain initial access to systems, primarily through phishing emails with custom malware like PhantomDL and PhantomCore.
Critical Zero-Click Exploit Discovered in Popular Wi-Fi Chipsets, PoC Published
CVE-2024-20017 is a critical zero-click exploit found in popular Wi-Fi chipsets like MediaTek MT7622/MT7915. The vulnerability allows remote code execution without user interaction, posing a severe risk with a CVSS score of 9.8.
Fake OnlyFans Tool Backstabs Cybercriminals, Steals Passwords
A fake OnlyFans tool circulating among hackers promises to help steal accounts but actually infects them with the Lumma stealer malware, as discovered by Veriti Research.
Cisco Fixes Root Escalation Vulnerability With Public Exploit Code
Local attackers can exploit this weakness through malicious CLI commands without user interaction, but only if they have Administrator privileges. So far, there is no evidence of this vulnerability being exploited in the wild.
Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government
This campaign, active since July, utilizes at least three malicious ISO files to compromise Malaysian entities, containing components like a malicious executable and a decoy PDF file, ultimately delivering the Babylon RAT as a final payload.