Slack fixed a vulnerability in its AI feature that could allow attackers to steal data from private channels. The issue was a prompt injection flaw in the AI feature, which allowed attackers to manipulate the system into performing malicious actions.…
Category: Cyware News – Latest Cyber News
Urgent Edge Security Update: Microsoft Patches Zero-day & RCE Vulnerabilities
The urgent security update, Microsoft Edge Stable Channel Version 128.0.2739.42, based on Chromium versions 128.0.6613.85 and 128.0.6613.84, addresses a total of 25 security issues. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
China-linked APT Velvet Ant Exploited Zero-Day to Compromise Cisco Nexus Switches
The China-linked APT group Velvet Ant exploited a zero-day vulnerability in Cisco switches, CVE-2024-20399, to take control of network devices. The flaw in Cisco NX-OS Software’s CLI enabled attackers with Admin credentials to run arbitrary commands.
Exploit for CVE-2024-38054 Released: Elevation of Privilege Flaw in Windows Kernel Streaming WOW Thunk
This vulnerability allows local attackers to escalate privileges to SYSTEM level through a heap-based buffer overflow. With a CVSS score of 7.8, CVE-2024-38054 is a critical flaw patched by Microsoft in July.
Hackers Now Use AppDomain Injection to Drop Cobalt Strike Beacons
Hackers are now using AppDomain Injection to drop Cobalt Strike beacons in a series of attacks that began in July 2024. This technique, known as AppDomain Manager Injection, can weaponize any Microsoft .NET application on Windows.
NGate Android Malware Relays NFC Traffic to Steal Credit Card Data
This malware allows attackers to emulate victims’ cards, enabling them to make unauthorized payments or withdraw cash from ATMs. The campaign has been active since November 2023.
SonicWall Issues Urgent Patch for Critical Firewall Vulnerability
SonicWall has released an urgent patch to address a critical vulnerability (CVE-2024-40766) in SonicOS, which could allow unauthorized access to their firewalls. The vulnerability could lead to system compromise and network disruption.
Qilin Ransomware Caught Stealing Credentials Stored in Google Chrome
A recent Qilin ransomware attack targeted several endpoints, stealing VPN credentials and Chrome browser data. This attack, detected in July 2024, involved network access through compromised VPN credentials without multi-factor authentication.
MoonPeak Malware From North Korean Actors Unveils New Details on Attacker Infrastructure
MoonPeak is an evolved form of the Xeno RAT malware previously used by North Korean actors and is capable of loading plugins, launching processes, and communicating with a command-and-control (C2) server.
Kanister Vulnerability Opens Door to Cluster-Level Privilege Escalation
Exploiting this flaw, attackers can manipulate daemonsets, create service account tokens, and impersonate high-privilege accounts like cluster-admin. This could lead to a complete cluster takeover.
PG_MEM Malware Targets PostgreSQL Databases for Crypto Mining
Cryptojacking attackers are targeting poorly secured PostgreSQL databases on Linux systems. According to Aqua Security researchers, the attack begins with brute-force attempts to gain access to the database credentials.
New Phishing Campaign Targets US Government Organizations
The attackers have become more sophisticated in their approach, specifically targeting email addresses from 338 US government entities. The phishing links redirect victims to a fake Microsoft Teams login page.
Leveraging Ancient Tactics for Modern Malware
The HYAS Threat Intelligence team has detected threat actors using Steam for malicious activities, like hosting C2 domain addresses and exploiting user accounts. One actor used a Substitution Cipher to hide C2 domains.
PoC Exploit Released for RCE 0-day CVE-2024-41992 in Arcadyan FMIMG51AX000J Model
A PoC exploit has been released for a critical vulnerability (CVE-2024-41992) found in the Arcadyan FMIMG51AX000J model, as well as other devices using the same firmware version.
Fraudulent Slack Ad Shows Malvertiser’s Patience and Skills
The suspicious ad for Slack appeared legitimate but was likely malicious. Clicking on it would initially redirect to slack.com. However, after several days, it started redirecting to a click tracker, showing signs of a potentially malicious campaign.
New Opportunistic Campaign Exploits Log4j Vulnerability for Cryptomining and System Compromise
This latest Log4j exploitation-based attack uses obfuscated LDAP requests to evade detection and executes malicious scripts, establishing persistence and exfiltrating data through encrypted channels.
Hardware Backdoor in Millions of Shanghai Fudan Microelectronics RFID Cards Allows Cloning
Researchers from Quarkslab found a hardware backdoor in the FM11RF08S RFID cards manufactured by Shanghai Fudan Microelectronics, enabling attackers to compromise user-defined keys within minutes.
Critical GitHub Enterprise Server Flaw Patched, Admin Access at Risk
GitHub disclosed three security vulnerabilities in GitHub Enterprise Server (GHES), including CVE-2024-6800, CVE-2024-6337, and CVE-2024-7711. The most severe, CVE-2024-6800, allowed attackers to forge a SAML response, granting site admin privileges.
Cybercriminals Exploit File Sharing Services to Advance Phishing Attacks
In these file-sharing phishing attacks, cybercriminals impersonate colleagues or trusted services to trick targets into clicking on malicious links that can lead to data theft or malware infection.
Ingress-NGINX Annotation Validation Bypass Flaw (CVE-2024-7646) Allows Command Injection
The vulnerability allows attackers to inject malicious content into annotations, leading to arbitrary command injection and potential access to controller credentials, enabling full access to cluster secrets.
Critical Flaw in LiteSpeed Cache Plugin Actively Exploited: Over 30,000 Attacks Blocked in 24 Hours
The widely used LiteSpeed Cache plugin for WordPress is being actively exploited through a critical security vulnerability, CVE-2024-28000, with over 30,000 attack attempts blocked in just 24 hours.
Google Fixes Ninth Chrome Zero-Day Exploited in Attacks This Year
Google released an emergency security update to fix the ninth zero-day vulnerability exploited in attacks this year. The vulnerability, known as CVE-2024-7971, involves a type confusion weakness in Chrome’s V8 JavaScript engine.
MegaMedusa, RipperSec’s Public Web DDoS Attack Tool
RipperSec, a pro-Palestinian hacktivist group based in Malaysia, has released MegaMedusa, a publicly available Web DDoS attack tool that simplifies launching large-scale DDoS attacks.
Critical Remote Code Execution Vulnerability Addressed in GiveWP Plugin
The vulnerability, identified as CVE-2024-5932, arises from inadequate validation of user-provided serialized data, allowing attackers to inject harmful PHP objects through the give_title parameter.
TA453 Targets Religious Figure with Fake Podcast Invite Delivering New BlackSmith Malware Toolset
Iran-linked TA453 targeted a religious figure with a fake podcast interview invitation, attempting to deliver the BlackSmith malware toolkit. The initial lure involved an email leading to a malicious link containing the AnvilEcho PowerShell trojan.
Researcher Details Microsoft Outlook Zero-Click Vulnerability (CVE-2024-38021)
The vulnerability stems from how Outlook handles hyperlink objects in image tags in emails, enabling attackers to exploit a composite moniker to trigger remote code execution.
Critical Heap Overflow Vulnerability Discovered in FFmpeg, PoC Published
CVE-2024-7272 is a critical heap overflow vulnerability found in FFmpeg, the popular multimedia framework. The vulnerability affects versions up to 5.1.5 and has a CVSS score of 8.8.
TLS Bootstrap Attack on Azure Kubernetes Services can Leak Sensitive Credentials
A new threat known as “WireServing” has been identified in Azure Kubernetes Services (AKS) by Mandiant. This vulnerability could have allowed attackers to escalate privileges and access sensitive credentials within compromised clusters.
New Msupedge Backdoor Targeting Taiwan Employs Stealthy Communications
Hackers have been using a PHP vulnerability to deploy a stealthy backdoor called Msupedge. This backdoor was recently used in a cyberattack against an unnamed university in Taiwan.
RCE Vulnerability in Atlassian Bamboo Data Center and Server
This flaw, present in versions 9.1.0 through 9.6.0, allows authenticated attackers to execute arbitrary code within the Bamboo environment, posing risks to confidentiality, integrity, and availability.
Spring Security Flaw Leaves Applications Open to Unauthorized Access
A high-severity vulnerability (CVE-2024-38810) has been discovered in Spring Security, potentially allowing unauthorized access to sensitive data within affected applications. The vulnerability impacts Spring Security versions 6.3.0 and 6.3.1.
Rising Abuse of URL Rewriting in Phishing
The abuse of URL rewriting in phishing attacks has emerged as a new trend, allowing threat actors to hide malicious links behind trusted domains of security vendors. Exploiting these features enables bypassing detection mechanisms.
Unmasking Styx Stealer: How a Hacker’s Slip Led to an Intelligence Treasure Trove
Styx Stealer is based on the Phemedrone Stealer and is available for purchase online. It has the ability to steal passwords, cookies, crypto wallet data, and messenger sessions, as well as gather system information.
Over 10,000 WordPress Sites at Risk: Critical File Deletion Flaw Found in InPost Plugins
The vulnerability, known as CVE-2024-6500, affects the InPost PL and InPost for WooCommerce plugins, allowing attackers to read and delete sensitive files like the wp-config.php configuration file.
Africa’s Economies Feel Pain of Cybersecurity Deficit
Cybercrime is a growing threat to Africa’s economies, hindering their progress despite rapid GDP growth. The continent faces challenges like digital illiteracy and a shortage of cybersecurity professionals.
To Improve Your Cybersecurity Posture, Focus on the Data
To bolster cybersecurity, focus on managing and utilizing enterprise data efficiently. Companies possess significant data reserves, yet these are often scattered across different systems, necessitating manual efforts to extract value.
Hackers Linked to $14M Holograph Crypto Heist Arrested in Italy
Suspected hackers who stole $14 million worth of cryptocurrency from Holograph, a blockchain tech firm, have been arrested in Italy after living a lavish lifestyle for weeks in luxury villas.
Russia-linked Vermin Hackers Target Ukraine With new Malware Strain
CERT-UA has identified the deployment of two malicious tools by Vermin: Spectr spyware, which can capture screenshots and steal data, and a new malware strain called Firmachagent, which is used to upload stolen data.
UK: NCSC Opens Cyber Resilience Audit Scheme to Applicants
The NCSC has launched the Cyber Resilience Audit (CRA) scheme to find auditors for a new cyber-resilience initiative. It focuses on conducting independent audits based on the Cyber Assessment Framework (CAF) to support nationally critical sectors.
OpenAI Kills Iranian Accounts Spreading US Election Disinformation
The operation was linked to Iran’s Storm-2035, also flagged by Microsoft for election interference. Google has also reported Iranian cyber influence activity. OpenAI identified 12 X accounts and one Instagram account involved in the operation.
Common API Security Issues: From Exposed Secrets To Unauthorized Access
API security is a major concern due to issues like exposed secrets and unauthorized access, leading to serious vulnerabilities for many organizations. A recent report showed 35% of exposed API keys are still active, posing significant security risks.
Digital Wallets can Allow Purchases With Stolen Credit Cards
Once a stolen card is added to the attacker’s wallet, they can use it to make purchases without being detected, even after the original card has been canceled. Recurring transactions are also vulnerable to abuse, allowing payments with locked cards.…
x64dbg: Open-Source Binary Debugger for Windows
x64dbg is an open-source binary debugger for Windows, perfect for malware analysis and reverse engineering executables. It has a user-friendly UI that simplifies navigation and provides context on the process.
Chrome Will Redact Credit Cards, Passwords When You Share Android Screen
Google is testing a feature in Chrome on Android to redact credit card details, passwords, and sensitive information when sharing your screen. Google aims to prevent leaks of sensitive data while recording or sharing screens.
Xeon Sender Enables Large-Scale SMS Spam Attacks Using Legitimate SaaS Providers
Xeon Sender allows attackers to conduct large-scale SMS spam and phishing campaigns using legitimate SaaS providers. Distributed through Telegram and hacking forums, it requires API credentials from popular providers like Amazon SNS and Twilio.
Authentik: Open-Source Identity Provider
Authentik is known for its adaptability and flexibility. It seamlessly integrates into existing environments, offering support for various protocols. It simplifies tasks like sign-up and account recovery in applications.
Multiple Microsoft Apps for macOS Vulnerable to Library Injection Attacks
Microsoft has classified the issue as low-severity and has not issued any fixes, except for Teams and OneNote apps. Excel, Outlook, PowerPoint, and Word apps remain vulnerable.
Update: Ransomware Attack on Indian Payment System Traced Back to Jenkins Bug
A recent ransomware attack on Indian payment systems has been traced back to a vulnerability in the widely used Jenkins automation system. The attack targeted a digital payment system used by many Indian banks.
Update: US Agencies Attribute Presidential Campaign Cyberattacks to Iran
The statement — which came Monday from the FBI, CISA, and the Office of the Director of National Intelligence (ODNI) — specifically attributes the recently announced cyberattack on the campaign of former President Donald Trump to Iranian actors.
Microsoft Mandates MFA for all Azure Sign-Ins
Phase 1 in October 2024 will require MFA for accessing Azure portal, Microsoft Entra admin center, and Intune admin center, with Phase 2 in early 2025 extending enforcement to Azure CLI, Azure PowerShell, mobile app, and Infrastructure as Code tools.…
CISA Adds Jenkins CLI Bug to its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability, known as CVE-2024-23897 with a CVSS score of 9.8, to its Known Exploited Vulnerabilities catalog.
Cybercriminals Exploit Paris Olympics With Fake Domains
According to a report by cybersecurity researchers at BforeAI, threat actors used fake social media accounts, stores, ticketing systems, and fraudulent cryptocurrencies to target unsuspecting victims.
Ukrainian Bank’s Service for Military Donations Targeted by ‘Massive’ DDoS Attack
The attack, lasting from Friday to Monday, reached 7.5 billion requests per second, according to Monobank CEO. Despite not impacting operations, the bank collaborated with security services and specialists to manage the flood of internet traffic.
Azure Domains and Google Abused to Spread Disinformation and Malware
Azure domains and Google have been exploited to spread disinformation and malware in a sophisticated campaign that involves using several Microsoft Azure and OVH cloud subdomains along with Google search notifications.
Crypto Firm Says Hacker Locked All Employees Out of Google Products for Four Days
A cryptocurrency company reported to the SEC that a hacker breached its systems on August 9, 2024, locking all employees out of Google products for four days by changing the passwords on their G-Suite accounts.
Mad Liberator Gang Uses Fake Windows Update Screen to Hide Data Theft
A new cybercrime group named Mad Liberator has been identified by the Sophos X-Ops Incident Response team for targeting AnyDesk users. This ransomware group is using a fake Microsoft Windows update screen to hide their data exfiltration activities.
Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs
Cymulate’s proof-of-concept attack demonstrates how multiple on-premises domains syncing to a single Azure tenant can lead to credential mishandling, potentially allowing unauthorized access to different domains.
Thousands of Oracle NetSuite E-Commerce Sites Expose Sensitive Customer Data
Thousands of Oracle NetSuite e-commerce sites are at risk of exposing sensitive customer data due to a widespread misconfiguration in the SuiteCommerce enterprise resource planning (ERP) platform.
Update: Windows Zero-Day Flaw was Exploited by North Korea-linked Lazarus APT
Microsoft has patched a zero-day vulnerability, known as CVE-2024-38193, that was being exploited by the North Korea-linked Lazarus APT group. This vulnerability is a privilege escalation issue in the Windows Ancillary Function Driver for WinSock.
Dozens of Google Products Targeted by Scammers via Malicious Search Ads
Scammers have been targeting dozens of Google products through malicious search ads. They impersonated Google’s product line and used Looker Studio to lock up Windows and Mac users’ browsers.
A Deep Dive Into a New ValleyRAT Campaign Targeting Chinese Speakers
The malware masquerades as legitimate applications like Microsoft Office and creates an empty file to lure users. It also checks for virtual machines and uses sleep obfuscation to evade memory scanners.
CISA Warns Critical Vulnerabilities in Vonets WiFi Bridge Devices, No Patch Available
These vulnerabilities could allow attackers to execute arbitrary code, disclose sensitive information, or disrupt device functionality, posing a significant threat to industrial and commercial networks relying on these devices.
Server-Side Template Injection: Transforming Web Applications from Assets to Liabilities – Check Point Research
Server-Side Template Injection (SSTI) vulnerabilities are a growing concern in web applications, allowing attackers to inject malicious code into templates and gain control over servers.
PrestaShop GTAG Websocket Skimmer
A recent investigation uncovered a credit card skimmer using a web socket connection to steal credit card details from an infected PrestaShop website. Attackers use web sockets for obfuscation, making it difficult to analyze traffic.
Doppelgänger Operation Rushes to Secure Itself Amid Ongoing Detections, German Agency Says
European hosting companies were found to be supporting the Kremlin-linked disinformation campaign, prompting Doppelgänger operators to quickly back up their systems and data.
DigiCert Announces Acquisition of Vercara
DigiCert has announced the acquisition of Vercara to offer customers a unified DNS and certificate management experience. Vercara provides cloud-based services like managed DNS and DDoS security to protect networks and applications.
Biotech Company Hacked in 2023 Pays States $4.5 Million Over Breached Data
The state attorneys general of New York, New Jersey, and Connecticut reached an agreement with Enzo Biochem, which revealed the incident to the federal government in May 2023.
Report: 56% of Security Professionals Worry About AI-Powered Threats
AI professionals have concerns about their jobs being replaced by AI tools, with 56% of security professionals worried about AI-powered threats, as reported by Pluralsight.
Report: Ransomware Gangs Rake in More Than $450 Million in First Half of 2024
Ransomware groups have earned over $450 million in H1 2024 by extorting victims through cryptocurrency payments, according to a report by Chainalysis. It has risen from the previous year, with a record ransom payment of $75 million reported.
The AI Balancing Act: Unlocking Potential, Dealing with Security Issues, Complexity
Many organizations struggle with AI literacy, cautious adoption, and risks of immature implementation, leading to disruptions in security, including data threats and AI misuse.
Russian Citizen Sentenced in US for Selling Stolen Financial Data on Criminal Marketplace
A Russian citizen, known by various online names like “TeRorPP,” has been sentenced to 40 months in a U.S. prison for selling financial data and login credentials on the criminal marketplace Slilpp.
It’s Time to Stop Thinking of Threat Groups as Supervillains, Experts Say
CISA Director Jen Easterly highlighted the importance of not glamorizing threat actors, urging defenders to focus on detecting and responding to malicious tactics rather than being fixated on the threat groups themselves.
Meta Warns of Troll Networks From Russia, Iran Ahead of US Elections
Meta has warned of troll networks originating from Russia and Iran ahead of the US elections. According to a report by Meta, Russia remains the top source of disrupted troll networks on Facebook and Instagram, followed closely by Iran.
DDoS Attack Volume Rises, Peak Power Reaches 1.7 Tbps
According to Gcore, the number of DDoS attacks in the first half of 2024 increased by 46% compared to the same period in 2023, reaching a total of 830,000 attacks. The peak attack power also rose to 1.7 terabits per…
Ransomware Attackers Introduce New EDR Killer to Disable Protection on Compromised Hosts
A cybercrime group linked to RansomHub ransomware has been seen using a new EDR-killing tool, named EDRKillShifter, to disable endpoint detection and response software on compromised hosts.
Google Warns of Iranian Hackers Targeting Affiliates of Both US Presidential Campaigns
Iranian hackers linked to the government of Iran have increased their phishing attacks on high-profile individuals in the U.S. and Israel, including those affiliated with U.S. presidential campaigns, according to Google.
M&A Activity can Amplify Ransomware Insurance Losses, Research Finds
M&A activity can increase ransomware insurance losses, with the severity of claims rising over 400% from 2022 to 2023, according to research by cyber risk company Resilience.
Ransomware Group Behind Major Indonesian Attack Wears Many Masks
Researchers have linked Brain Cipher to at least three other groups operating under different names. Despite its global reach, the group’s tactics are not particularly sophisticated.
An Analysis of Common Malware Loaders
In 2024, loaders were involved in nearly 40% of critical security incidents, with popular ones being SocGholish, GootLoader, and Raspberry Robin, aiming to deliver malware like ransomware, according to Reliaquest.
Highly-Personalized Phishing Campaign Targets Russian Government Dissidents
A spear-phishing campaign targeting Russian government dissidents and Western organizations, attributed to the Russian FSB and threat actor COLDRIVER, uses personalized social engineering tactics to gain access to online accounts.
Massive Cyberattack Hit Central Bank of Iran
A major cyberattack struck the Central Bank of Iran and other Iranian banks, causing disruptions. The incident, reported by Iranian news outlets and Iran International, resulted in the crippling of the banks’ computer systems.
Windows TCP/IP RCE Impacts all Systems with IPv6 Enabled, Patch Now
A critical TCP/IP remote code execution (RCE) vulnerability affecting all Windows systems with IPv6 enabled has been discovered, prompting Microsoft to issue a warning urging users to patch their systems immediately.
South Korea Says DPRK Hackers Stole Spy Plane Technical Data
South Korea’s ruling party, the People Power Party (PPP), has reported that hackers from North Korea have stolen important technical data related to the country’s main battle tank, the K2, as well as its spy planes known as “Baekdu” and…
Ongoing Social Engineering Campaign Refreshes Payloads
Rapid7 identified multiple intrusion attempts by threat actors utilizing social engineering tactics on June 20, 2024. The threat actors use email bombs followed by calls to offer fake solutions, with recent incidents involving Microsoft Teams calls.
CryptoCore: Unmasking the Sophisticated Cryptocurrency Scam Operations
The CryptoCore group’s scam operation leverages deepfake technology, hijacked YouTube accounts, and professionally designed websites to trick users into sending cryptocurrencies to scammer wallets.
FBI Says it is Investigating Purported Trump Campaign Hack
The FBI is investigating a suspected hack of the Trump campaign, following accusations of Iranian involvement. The Trump campaign blames foreign sources and cited a Microsoft report linking Iranian hackers to covert efforts to influence the election.
Prolific Malvertising Scammer Arrested and Extradited to US to Face Charges
Maxim Silnikau, a Belarusian-Ukrainian cybercriminal dubbed one of the most prolific Russian-speaking hackers by the UK’s NCA, has been arrested in Spain and extradited to the US.
Update: New Windows SmartScreen Bypass Exploited as Zero-Day Since March
A security loophole in Windows SmartScreen, known as CVE-2024-38213, was exploited by attackers as a zero-day to bypass protection. Microsoft patched this vulnerability during the June 2024 Patch Tuesday.
How CIOs, CTOs, and CISOs View Cyber Risks Differently
C-suite executives face the challenge of balancing technological innovation with cybersecurity resilience. A report by LevelBlue highlighted the complexities of their roles and the need for strategic cybersecurity approaches.
Phishing Campaign Poses as Ukraine’s Security Service to Spread ANONVNC Malware
Cybercriminals impersonated the Security Service of Ukraine (SSU) using malicious spam emails to target and infect the systems of Ukrainian government agencies. The attackers successfully distributed AnonVNC malware to over 100 computers.
Microsoft Discloses 10 Zero-Day Bugs in Patch Tuesday Update
Microsoft released its August 2024 Patch Tuesday updates, fixing 89 vulnerabilities, including nine zero-days. Among these, six zero-days were actively exploited, while three others were publicly disclosed. A tenth zero-day still remains unpatched.
Biden Administration Pledges $11 Million to Open Source Security Initiative
The effort, known as the Open-Source Software Prevalence Initiative (OSSPI), aims to identify where open-source software components are being used in sectors like healthcare, transportation, and energy production to enhance national cybersecurity.
Feds Seize Radar/Dispossessor Ransomware Gang Servers in US and Europe
Federal authorities have seized servers belonging to the Radar/Dispossessor ransomware gang in the U.S. and Europe. The FBI dismantled dozens of servers linked to the group, which is believed to have ties to the LockBit ransomware enterprise.
Report: 35% of Exposed API Keys Still Active, Posing Major Security Risks
Nightfall AI’s research found that 35% of exposed API keys were still active, leading to significant security risks. The study uncovered an average of about 350 secrets, including passwords and API keys, exposed per 100 employees annually on GitHub.
Critical SAP Flaw Allows Remote Attackers to Bypass Authentication
SAP has released a security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass flaw (CVE-2024-41730) in the SAP BusinessObjects Business Intelligence Platform.
Cybercriminal Duo Attracts FBI Notice by Spending Big & Living Large
The FBI found that the cybercriminal duo was involved in Dark Web platforms like WWH Club, Skynetzone, and Opencard for buying, selling, and trading sensitive information and cybercriminal training.
Manufacturer Orion SA says scammers conned it out of $60M
Orion SA recently disclosed to US regulators that it fell victim to a criminal wire fraud scheme resulting in a $60 million loss. The incident, possibly a BEC scam, involved fraudulent wire transfers to unknown third-party accounts by an employee.…
DeathGrip: Emergence of a new Ransomware-as-a-Service
Promoted through Telegram and other underground forums, DeathGrip RaaS offers aspiring threat actors on the dark web sophisticated ransomware tools, including LockBit 3.0 and Chaos builders.
Exploiting pfsense Flaw for Remote Code Execution
During a recent security audit by Laburity researchers, an application with a vulnerability related to pfblockerNG was identified. Attempts using default credentials failed, but an exploit from exploit-db was unsuccessful.
New Banshee MacOS Stealer Attacking Users to Steal Keychain Data
The Banshee Stealer can rob sensitive data, including passwords from macOS Keychain, system information, and data from popular web browsers like Safari, Chrome, and Firefox. It can also access cryptocurrency wallets and plugins.