Category: Cyware News – Latest Cyber News

Discovered by security researcher Rafie Muhammad, the flaw allows unauthorized users to take control of logged-in accounts, potentially gaining administrator privileges on WordPress sites. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Cisco has issued a warning about a backdoor admin account discovered in the Cisco Smart Licensing Utility (CSLU), allowing unauthorized access to unpatched systems. This critical flaw (CVE-2024-20439) enables remote access with admin privileges. This article has been indexed from…

Read more →

Despite this, the risk is limited as attackers would need physical access to the device, specific knowledge of targeted accounts, and specialized equipment for the attack. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Google has patched a high-severity vulnerability, known as CVE-2024-32896, in its Android OS actively exploited in the wild. The issue involves a privilege escalation in the Android Framework component. This article has been indexed from Cyware News – Latest Cyber…

Read more →

This method could potentially lead to numerous malicious package downloads. The attack involves hijacking popular projects by registering new projects under the names of removed packages on PyPI. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

A new ransomware variant named Underground, linked to the Russia-based RomCom group, encrypts files on victims’ Windows machines and demands a ransom for decryption. It has been active since July 2023. This article has been indexed from Cyware News –…

Read more →

Two vulnerabilities, CVE-2021-20123 and CVE-2021-20124, pose serious risks for Draytek VigorConnect routers, potentially leading to unauthorized access to sensitive files. Another vulnerability, CVE-2024-7262, affects Kingsoft WPS Office. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Malicious actors potentially utilized the MacroPack red-teaming framework to distribute harmful payloads like Brute Ratel and Havoc tools, as well as a new version of the PhantomCore remote access trojan. This article has been indexed from Cyware News – Latest…

Read more →

The FBI issued a warning about aggressive social engineering attacks by North Korean hacking groups targeting cryptocurrency firms. The attacks involve deploying malware to steal crypto assets through highly targeted tactics that are hard to detect. This article has been…

Read more →

The industry remains largely unscathed by cyber threats, but recent events like the JBS ransomware attack highlight vulnerabilities. The sector’s increased automation makes it a target for hackers, posing risks to the US food supply. This article has been indexed…

Read more →

The Dutch Data Protection Authority (Dutch DPA) fined Clearview AI $34 million for the illegal creation of a facial image database. If Clearview AI does not comply, an additional fine of up to $5.5 million will be imposed. This article…

Read more →

The latest version 4.0.1 of the Payment Card Industry Data Security Standard (PCI DSS) has introduced key changes to address the evolving digital landscape. While some requirements are already in effect, others will come into play by April 2025. This…

Read more →

Ransomware groups are increasingly weaponizing stolen data to pressure victims into paying. They analyze data to maximize damage and create opportunities for extortion, targeting business leaders and employees for blame. This article has been indexed from Cyware News – Latest…

Read more →

The Biden administration has dropped its appeal of a court decision that rejected new regulations restricting hospitals’ use of web-tracking tools. A Texas judge ruled the administration’s efforts illegal in June. This article has been indexed from Cyware News –…

Read more →

DVUEFI was created to assist ethical hackers, security researchers, and firmware enthusiasts in beginning their journey into UEFI firmware security by providing examples to explore potential vulnerabilities. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Swan Bitcoin CEO Cory Klippsten has warned users about phishing emails targeting the platform’s users. The scam involves fake “Data Breach Notice” emails, possibly linked to the Klaviyo and HubSpot data breaches in 2022. This article has been indexed from…

Read more →

The mastermind behind the operation, Callum Picari, along with his accomplices Vijayasidhurshan Vijayanathan and Aza Siddeeque, were arrested by National Crime Agency (NCA) officers in March 2021. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The most common scams involve government impersonation, business impersonation, and tech support, where scammers persuade victims to withdraw cash from their bank accounts and deposit it into Bitcoin ATMs. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Hackers exploited a vulnerability in Verkada’s customer support server, gaining access to the Command platform and extracting video footage and customer data. Another incident involved a hacker installing the Mirai botnet on Verkada’s network server. This article has been indexed…

Read more →

Automated threats are increasingly difficult to keep up with, with 98% of organizations attacked by bots experiencing revenue loss, according to Kasada. Web scraping and account fraud are the primary threats causing revenue losses. This article has been indexed from…

Read more →

The White House advised network operators to implement Resource Public Key Infrastructure (RPKI) to enhance security, which involves digital certificates managed by Regional Internet Registries. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The flaw, known as CVE-2024-7261, has a CVSS v3 score of 9.8, enabling hackers to execute arbitrary commands on the host operating system by manipulating user-supplied data. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Security researchers have identified six vulnerabilities, including a race condition in the Bluetooth RFCOMM protocol driver that can crash the system, a race condition in the Bluetooth subsystem, and a double-free error in the net/mlx5e module. This article has been…

Read more →

Researchers have traced the new ManticoraLoader malware-as-a-service (MaaS) to the cybercriminal group ‘DarkBLUP,’ previously associated with distributing AresLoader and AiDLocker ransomware from the DeadXInject group. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Security researchers discovered a SQL injection vulnerability in FlyCASS, a third-party web service used by airlines to manage the Known Crewmember (KCM) program and the Cockpit Access Security System (CASS). This article has been indexed from Cyware News – Latest…

Read more →

A North Korean APT used a Google Chrome zero-day flaw, CVE-2024-7971, to deploy the FudModule rootkit. Microsoft researchers linked these attacks to Citrine Sleet (AppleJeus, Labyrinth Chollima, UNC4736, or Hidden Cobra) with medium confidence. This article has been indexed from…

Read more →

The malicious DLL implant for the Cobalt Strike attack toolkit gets injected into the Windows binary “runonce.exe,” giving total control to the attackers. The campaign further deploys various malicious tools for reconnaissance and data exfiltration. This article has been indexed…

Read more →

Roblox developers are being targeted by a new malicious npm campaign. Cybercriminals have created fake Roblox npm packages with the aim of deploying a remote access trojan called Quasar. This article has been indexed from Cyware News – Latest Cyber…

Read more →

A Forescout report highlighted a 43% increase in published vulnerabilities, with 23,668 reported in H1 2024. Ransomware attacks also rose by 6%, totaling 3,085 incidents, with the U.S. being the most targeted country. This article has been indexed from Cyware…

Read more →

Sinon is an open-source tool designed to automate the burn-in process of Windows-based deception hosts. It simplifies the orchestration of deception hosts at scale by incorporating generative capabilities to introduce diversity and randomness. This article has been indexed from Cyware…

Read more →

GreenCharlie attackers use dynamic DNS providers to register domains for phishing attacks, with deceptive themes like cloud services and document visualization to trick victims into revealing sensitive information or downloading malware payloads. This article has been indexed from Cyware News…

Read more →

Backers included BackingMinds, in combination with industry veterans such as Jesper Zerlang (ex-CEO of Logpoint), Lars Ankjer, Otto Krabbe, Rolf Bladt, and several angels and key employees. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The group behind Cicada3301 has been recruiting affiliates on cybercrime forums since June. It is speculated that Cicada3301 could be related to the now-defunct ALPHV group, as both ransomware share similarities. This article has been indexed from Cyware News –…

Read more →

A fake Palo Alto GlobalProtect VPN access tool is being used as bait by threat actors targeting Middle Eastern organizations. The malware, disguised as a legitimate tool, can steal data and execute remote commands to infiltrate networks further. This article…

Read more →

The CISA has launched a cyber incident reporting portal to make breach disclosure easier. It allows organizations to report cyberattacks, vulnerabilities, and data breaches voluntarily. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The new draft of NIST’s digital identity proofing guidelines includes updates to accommodate passkeys and mobile driver’s licenses, as well as options for identification without using biometrics like facial recognition. This article has been indexed from Cyware News – Latest…

Read more →

According to a report by Critical Start Cyber Research Unit, the manufacturing industry was the top target for cyber threats in H1 2024, professional services saw a 15% increase in attacks, and healthcare experienced a 180% surge in incidents. This…

Read more →

The campaign, known as “Contagious Interview,” tricks developers into downloading fake npm packages or installers. The attackers deploy a Python payload named InvisibleFerret to steal data from cryptocurrency wallets. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The attackers use spear-phishing lures and watering hole campaigns to infiltrate networks and collect sensitive data. Huntress identified four compromised hosts in recent attacks, linking them to Cobalt Strike Beacons and encrypted DLL payloads. This article has been indexed from…

Read more →

Russian hackers exploited vulnerabilities in Safari and Chrome to launch cyberattacks from November 2023 to July 2024. They used a watering hole attack on Mongolian government websites to infect mobile users with malware, stealing information. This article has been indexed…

Read more →

Once installed, the Rocinante malware prompts the victim to grant Accessibility Services and displays phishing screens tailored to different banks to steal personal information. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The ransomware operation focuses on data theft extortion rather than encrypting files, with victims facing the threat of stolen data being leaked or sold if negotiations fail. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The attack starts with a phishing email disguised as a fund transfer notification, with an attached Excel file named “swift copy.xls” that triggers the deployment of Snake Keylogger on the victim’s computer upon opening. This article has been indexed from…

Read more →

The Godzilla fileless backdoor relies on a complex series of actions, such as cryptographic operations, class loading, and dynamic injection, to establish unauthorized access. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The campaign, which targeted organizations worldwide, involved impersonating tax authorities from various countries and utilizing Google Sheets for command and control (C2). This article has been indexed from Cyware News – Latest Cyber News Read the original article: Suspected Espionage…

Read more →

The QiAnXin Threat Intelligence Center has revealed the details of “Operation DevilTiger,” a cyber espionage campaign carried out by the elusive APT-Q-12 group, also known as “Pseudo Hunter.” This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The U.S. Department of State and the Secret Service are offering a reward of $2.5 million for information leading to the capture of Belarusian cybercriminal Volodymyr Kadariya, who is linked to the Angler Exploit Kit. This article has been indexed…

Read more →

U.S. cybersecurity leaders are focusing on preparing for the potential risks posed by quantum cryptography tools that could threaten critical infrastructure and national security. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Cequence Security found that cyberattacks against the travel industry surge during holidays, with 91% of severe vulnerabilities in the top 10 travel and hospitality sites enabling man-in-the-middle attacks. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The FBI investigation revealed that the suspect, Daniel Rhyne, had accessed the company’s systems without authorization and changed passwords for various accounts. Rhyne’s actions were intended to deny the company access to its systems and data. This article has been…

Read more →

Third-party risk management is a critical issue in the wake of the CrowdStrike IT outage, revealing vulnerabilities within financial institutions related to supply chain resilience, especially in vital sectors like financial services. This article has been indexed from Cyware News…

Read more →

More than 150 people filed complaints to the Information Commissioner’s Office (ICO) regarding the delay in responding to subject access requests (SARs) after the cyberattack in October 2021. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Over the last few years, ransomware attacks have become a major concern for schools and colleges in the US, with an average of $500,000 being lost per day due to downtime from these attacks, according to Comparitech. This article has…

Read more →

The spear-phishing emails impersonate reputable companies like Periscope Holdings and R.S. Hughes, prompting victims to surrender their Microsoft credentials by clicking on a file attachment. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Grove Group, a cybersecurity and cloud services company based in Cape Town, brings around 600 customers across 51 countries to Integrity360. This acquisition will also enhance Integrity360’s security operations center (SOC) business. This article has been indexed from Cyware News…

Read more →

Key aspects of the NIS2 Directive include a focus on proactive cybersecurity measures for entities within its scope, such as risk analysis, incident handling, and supply chain security. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The Department of Information and Communications Technology (DICT) is focusing on enhancing cybersecurity in the Philippines through the National CyberSecurity Plan (NCSP) 2023-2028. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Philippines:…

Read more →

California has passed a landmark bill that requires internet browsers and mobile operating systems to make it easier for consumers to opt out of sharing their private data with websites for targeted advertising. This article has been indexed from Cyware…

Read more →

The PoorTry Windows driver, originally used to disable EDR solutions, has now evolved into an EDR wiper, deleting crucial files to make system restoration harder. Sophos has confirmed actual EDR wiping attacks in the wild. This article has been indexed…

Read more →

The vulnerability, known as CVE-2024-7029, allows attackers to remotely execute commands on the compromised device. The targeted device is the AVM1203 surveillance camera from AVTECH. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Cisco is strengthening its AI security by acquiring Robust Intelligence, a startup led by a former Harvard professor. This acquisition emphasizes the importance of AI security in modern IT infrastructure. This article has been indexed from Cyware News – Latest…

Read more →

The latest variant employs obfuscated PowerShell commands to download and execute malicious payloads, utilizing Windows binaries like Mshta.exe and Dllhost.exe for stealth. This article has been indexed from Cyware News – Latest Cyber News Read the original article: LummaC2 Infostealer…

Read more →

APT33 used the new Tickler malware to infiltrate government and defense organizations in the US and the UAE. The group, known as Peach Sandstorm and Refined Kitten, is linked to the Iranian Revolutionary Guard Corps. This article has been indexed…

Read more →

The domain actsblue[.]com is posing as the legitimate actblue[.]com, a platform for Democratic Party donations. The malicious site is registered anonymously with Namecheap, making it difficult to trace back to the threat actors. This article has been indexed from Cyware…

Read more →

A critical vulnerability, CVE-2024-42815, with a CVSS score of 9.8, has been discovered in TP-Link RE365 V1_180213 series routers, allowing for remote exploitation and potential takeover. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The flaw, known as CVE-2024-6633, involves the use of default credentials for the HSQL database, which could compromise the software’s confidentiality, integrity, and availability. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The threat group known as Bling Libra, previously linked to the Ticketmaster data breach, has shifted to the double extortion strategy in cloud attacks, according to researchers at Palo Alto Networks’ Unit 42. This article has been indexed from Cyware…

Read more →

Flowise, a popular low-code tool backed by Y Combinator, was particularly at risk due to an authentication bypass vulnerability that allowed access to sensitive information such as GitHub tokens and API keys in plaintext. This article has been indexed from…

Read more →

Google released a security update this week to address the actively exploited Chrome zero-day vulnerability. The vulnerability, CVE-2024-7965, is an inappropriate implementation issue in Chrome’s V8 JavaScript engine. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Miggo has uncovered a security flaw in AWS Load Balancer that could allow cybercriminals to bypass authentication and authorization services, potentially affecting over 15,000 applications. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The latest encryptor variant identified by researchers at Cisco Talos appends the file extension ‘blackbytent_h’ to encrypted files. This variant also includes the deployment of four vulnerable drivers, an increase from previous reports. This article has been indexed from Cyware…

Read more →

A new QR code phishing campaign is using Microsoft Sway to steal credentials. The attacks primarily target users in Asia and North America, particularly in the technology, manufacturing, and finance sectors. This article has been indexed from Cyware News –…

Read more →

The GuidePoint Research and Intelligence Team (GRIT) discovered attacker domain names and IP addresses targeting over 130 US organizations through a campaign that begins by stealing credentials and passcodes using social engineering tactics. This article has been indexed from Cyware…

Read more →

Israeli cybersecurity firm Check Point Software Technologies has announced the acquisition of threat intelligence company Cyberint, marking its third startup acquisition in a year. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Lumen researchers identified the bug and reported it to Versa in June, with active exploitation by Volt Typhoon observed since at least June. The attackers use a Web shell called VersaMem to capture credentials and monitor system activity. This article…

Read more →

ESET uncovered a new cyber-espionage campaign tied to a South Korean APT group that used a remote code execution (RCE) vulnerability in WPS Office for Windows to deploy a custom backdoor called “SpyGlace.” This article has been indexed from Cyware…

Read more →

According to AppOmni, one-third of organizations experienced SaaS data breaches last year due to a lack of visibility and control, as revealed by a survey of 644 enterprises globally. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Lateral movement is a key indicator of ransomware attacks, with 44% of attacks being spotted during this phase, as reported by Barracuda Networks. Additionally, file modifications and off-pattern behavior were also significant triggers for detection. This article has been indexed…

Read more →

The vulnerability, tracked as CVE-2024-7965 and reported by a security researcher known as TheDog, involved a bug in the compiler backend that could allow remote attackers to exploit heap corruption through a crafted HTML page. This article has been indexed…

Read more →

India is experiencing a rise in cyberattacks on its critical infrastructure, particularly in the financial and government sectors, prompting the Reserve Bank of India to issue warnings about the need for enhanced cybersecurity measures. This article has been indexed from…

Read more →

This campaign is notable for its malicious apps for Windows, Linux, and macOS users. The attackers have created different versions of Cheana Stealer for each OS to widen their attack surface. This article has been indexed from Cyware News –…

Read more →

Diversifying suppliers and systems can help minimize risks, as shown by corporations that purchase networking equipment from multiple vendors to prevent total network failure in case of vendor issues. This article has been indexed from Cyware News – Latest Cyber…

Read more →

SonicWall has addressed a critical vulnerability (CVE-2024-40766) in its next-gen firewalls, which could be exploited by remote attackers to gain unauthorized access and potentially crash the devices. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Top universities in Australia will compete in the Australian Cybersecurity Games at UNSW from September 2-30, 2024. This event, organized by SECedu, features cybersecurity experts collaborating with leading universities like UNSW. This article has been indexed from Cyware News –…

Read more →

NASA’s IV&V Facility is expanding its cybersecurity services to enhance the safety of its missions. This initiative includes incorporating cybersecurity assessments into their traditional roles of software examination. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The Dutch Data Protection Authority (AP) announced the €290m ($324m) fine yesterday, claiming that it stems from the same concerns that have led to years-long legal wranglings between the EU and US. This article has been indexed from Cyware News…

Read more →

Nuclei is an open-source vulnerability scanner known for its speed and customizable YAML-based templates. It offers flexibility in security checks by allowing customization of templates to send requests to multiple targets. This article has been indexed from Cyware News –…

Read more →

Over 100 government officials recently completed a comprehensive cybersecurity training program, focusing on global cybersecurity trends, security standards, and data protection governance. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Zimbabwe Government…

Read more →

A security researcher has published a proof-of-concept exploit for a critical zero-click vulnerability, CVE-2024-38063, in Windows TCP/IP. This flaw allows remote code execution on Windows systems with IPv6 enabled, affecting millions of devices. This article has been indexed from Cyware…

Read more →

Cybercriminals are sending malicious SMS messages demanding payment for non-existent charges across Illinois, Florida, North Carolina, and Washington. These scams imitate state authorities and provide links to fake payment websites to steal data. This article has been indexed from Cyware…

Read more →

Inherent vulnerabilities stem from the underlying formats and processes of the technology, allowing attackers to exploit features like automatic code execution in ML models and certain dataset formats. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Despite law enforcement actions disrupting major ransomware operations, the long-term impact remains uncertain as groups adapt and evolve. Ransomware-as-a-Service (RaaS) collectives are facing growing competition to attract affiliates. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The scammers targeted both McDonald’s Instagram and a senior marketing director’s Twitter account, leveraging the association between Grimace, McDonald’s iconic purple mascot, and the brand to add credibility to their scam. This article has been indexed from Cyware News –…

Read more →

The plugin, which was added to Pidgin’s third-party plugins list on July 6th, was flagged by a user, 0xFFFC0000, on August 16th, who reported suspicious behavior, including the unauthorized capture and sharing of screenshots. This article has been indexed from…

Read more →

Researchers found a vulnerability in the Shimano Di2 system’s proprietary protocol, making it susceptible to a replay attack. They demonstrated that an attacker could intercept and replay commands using off-the-shelf software-defined radio. This article has been indexed from Cyware News…

Read more →

Two deceptive campaigns were identified recently using Google ads and Microsoft’s infrastructure. The first scam involves a fake helpdesk page on Microsoft Learn whereas the second one hijacks Microsoft search queries through a Google ad. This article has been indexed…

Read more →

These vulnerabilities, known as CVE-2024-32501, CVE-2024-33852, CVE-2024-33853, CVE-2024-33854, CVE-2024-5725, and CVE-2024-39841, pose a significant risk to organizations relying on Centreon for IT infrastructure monitoring. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

This vulnerability allows authorized users to inject and execute malicious code through the plugin’s shortcode feature, potentially leading to data theft and website takeover. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The FBI lacks proper policies and controls for tracking and disposing of storage media, leading to risks of loss or theft. The audit also identified physical security gaps in the media destruction process at FBI facilities. This article has been…

Read more →

A new report from the CMO Council and KPMG shows that building strong relationships between marketing and data security teams is crucial, but one-third of partnerships struggle with collaboration. This article has been indexed from Cyware News – Latest Cyber…

Read more →