Category: Cyware News – Latest Cyber News

Slack fixed a vulnerability in its AI feature that could allow attackers to steal data from private channels. The flaw involved a prompt injection flaw in an AI feature, which allowed attackers to manipulate the system to perform malicious actions.…

Read more →

The urgent security update, Microsoft Edge Stable Channel Version 128.0.2739.42, based on Chromium versions 128.0.6613.85 and 128.0.6613.84, addresses a total of 25 security issues. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The China-linked APT group Velvet Ant exploited a zero-day vulnerability in Cisco switches, CVE-2024-20399, to take control of network devices. The flaw in Cisco NX-OS Software’s CLI enabled attackers with Admin credentials to run arbitrary commands. This article has been…

Read more →

This vulnerability allows local attackers to escalate privileges to SYSTEM level through a heap-based buffer overflow. With a CVSS score of 7.8, CVE-2024-38054 is a critical flaw patched by Microsoft in July. This article has been indexed from Cyware News…

Read more →

Hackers are now using AppDomain Injection to drop Cobalt Strike beacons in a series of attacks that began in July 2024. This technique, known as AppDomain Manager Injection, can weaponize any Microsoft .NET application on Windows. This article has been…

Read more →

This malware allows attackers to emulate victims’ cards, enabling them to make unauthorized payments or withdraw cash from ATMs. The campaign has been active since November 2023. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

SonicWall has released an urgent patch to address a critical vulnerability (CVE-2024-40766) in SonicOS, which could allow unauthorized access to their firewalls. The vulnerability could lead to system compromise and network disruption. This article has been indexed from Cyware News…

Read more →

A recent Qilin ransomware attack targeted several endpoints, stealing VPN credentials and Chrome browser data. This attack, detected in July 2024, involved network access through compromised VPN credentials without multi-factor authentication. This article has been indexed from Cyware News –…

Read more →

MoonPeak is an evolved form of the Xeno RAT malware previously used by North Korean actors and is capable of loading plugins, launching processes, and communicating with a command-and-control (C2) server. This article has been indexed from Cyware News –…

Read more →

Exploiting this flaw, attackers can manipulate daemonsets, create service account tokens, and impersonate high-privilege accounts like cluster-admin. This could lead to a complete cluster takeover. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Cryptojacking attackers are targeting poorly secured PostgreSQL databases on Linux systems. According to Aqua Security researchers, the attack begins with brute-force attempts to gain access to the database credentials. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The attackers have become more sophisticated in their approach, specifically targeting email addresses from 338 US government entities. The phishing links redirect victims to a fake Microsoft Teams login page. This article has been indexed from Cyware News – Latest…

Read more →

The HYAS Threat Intelligence team has detected threat actors using Steam for malicious activities, like hosting C2 domain addresses and exploiting user accounts. One actor used a Substitution Cipher to hide C2 domains. This article has been indexed from Cyware…

Read more →

A PoC exploit has been released for a critical vulnerability (CVE-2024-41992) found in the Arcadyan FMIMG51AX000J model, as well as other devices using the same firmware version. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The suspicious ad for Slack appeared legitimate but was likely malicious. Clicking on it would initially redirect to slack.com. However, after several days, it started redirecting to a click tracker, showing signs of a potentially malicious campaign. This article has…

Read more →

This latest Log4j exploitation-based attack uses obfuscated LDAP requests to evade detection and executes malicious scripts, establishing persistence and exfiltrating data through encrypted channels. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Researchers from Quarkslab found a hardware backdoor in the FM11RF08S RFID cards manufactured by Shanghai Fudan Microelectronics, enabling attackers to compromise user-defined keys within minutes. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

GitHub disclosed three security vulnerabilities in GitHub Enterprise Server (GHES), including CVE-2024-6800, CVE-2024-6337, and CVE-2024-7711. The most severe, CVE-2024-6800, allowed attackers to forge a SAML response, granting site admin privileges. This article has been indexed from Cyware News – Latest…

Read more →

In these file-sharing phishing attacks, cybercriminals impersonate colleagues or trusted services to trick targets into clicking on malicious links that can lead to data theft or malware infection. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The vulnerability allows attackers to inject malicious content into annotations, leading to arbitrary command injection and potential access to controller credentials, enabling full access to cluster secrets. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The widely used LiteSpeed Cache plugin for WordPress is being actively exploited through a critical security vulnerability, CVE-2024-28000, with over 30,000 attack attempts blocked in just 24 hours. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Google released an emergency security update to fix the ninth zero-day vulnerability exploited in attacks this year. The vulnerability, known as CVE-2024-7971, involves a type confusion weakness in Chrome’s V8 JavaScript engine. This article has been indexed from Cyware News…

Read more →

RipperSec, a pro-Palestinian hacktivist group based in Malaysia, has released MegaMedusa, a publicly available Web DDoS attack tool that simplifies launching large-scale DDoS attacks. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The vulnerability, identified as CVE-2024-5932, arises from inadequate validation of user-provided serialized data, allowing attackers to inject harmful PHP objects through the give_title parameter. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Iran-linked TA453 targeted a religious figure with a fake podcast interview invitation, attempting to deliver the BlackSmith malware toolkit. The initial lure involved an email leading to a malicious link containing the AnvilEcho PowerShell trojan. This article has been indexed…

Read more →

The vulnerability stems from how Outlook handles hyperlink objects in image tags in emails, enabling attackers to exploit a composite moniker to trigger remote code execution. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

CVE-2024-7272 is a critical heap overflow vulnerability found in FFmpeg, the popular multimedia framework. The vulnerability affects versions up to 5.1.5 and has a CVSS score of 8.8. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

A new threat known as “WireServing” has been identified in Azure Kubernetes Services (AKS) by Mandiant. This vulnerability could have allowed attackers to escalate privileges and access sensitive credentials within compromised clusters. This article has been indexed from Cyware News…

Read more →

Hackers have been using a PHP vulnerability to deploy a stealthy backdoor called Msupedge. This backdoor was recently used in a cyberattack against an unnamed university in Taiwan. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

This flaw, present in versions 9.1.0 through 9.6.0, allows authenticated attackers to execute arbitrary code within the Bamboo environment, posing risks to confidentiality, integrity, and availability. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

A high-severity vulnerability (CVE-2024-38810) has been discovered in Spring Security, potentially allowing unauthorized access to sensitive data within affected applications. The vulnerability impacts Spring Security versions 6.3.0 and 6.3.1. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The abuse of URL rewriting in phishing attacks has emerged as a new trend, allowing threat actors to hide malicious links behind trusted domains of security vendors. Exploiting these features enables bypassing detection mechanisms. This article has been indexed from…

Read more →

Styx Stealer is based on the Phemedrone Stealer and is available for purchase online. It has the ability to steal passwords, cookies, crypto wallet data, and messenger sessions, as well as gather system information. This article has been indexed from…

Read more →

The vulnerability, known as CVE-2024-6500, affects the InPost PL and InPost for WooCommerce plugins, allowing attackers to read and delete sensitive files like the wp-config.php configuration file. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Cybercrime is a growing threat to Africa’s economies, hindering their progress despite rapid GDP growth. The continent faces challenges like digital illiteracy and a shortage of cybersecurity professionals. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

To bolster cybersecurity, focus on managing and utilizing enterprise data efficiently. Companies possess significant data reserves, yet these are often scattered across different systems, necessitating manual efforts to extract value. This article has been indexed from Cyware News – Latest…

Read more →

Suspected hackers who stole $14 million worth of cryptocurrency from Holograph, a blockchain tech firm, have been arrested in Italy after living a lavish lifestyle for weeks in luxury villas. This article has been indexed from Cyware News – Latest…

Read more →

CERT-UA has identified the deployment of two malicious tools by Vermin: Spectr spyware, which can capture screenshots and steal data, and a new malware strain called Firmachagent, which is used to upload stolen data. This article has been indexed from…

Read more →

The NCSC has launched the Cyber Resilience Audit (CRA) scheme to find auditors for a new cyber-resilience initiative. It focuses on conducting independent audits based on the Cyber Assessment Framework (CAF) to support nationally critical sectors. This article has been…

Read more →

The operation was linked to Iran’s Storm-2035, also flagged by Microsoft for election interference. Google has also reported Iranian cyber influence activity. OpenAI identified 12 X accounts and one Instagram account involved in the operation. This article has been indexed…

Read more →

API security is a major concern due to issues like exposed secrets and unauthorized access, leading to serious vulnerabilities for many organizations. A recent report shoed 35% of exposed API keys are still active, posing significant security risks. This article…

Read more →

Once a stolen card is added to the attacker’s wallet, they can use it to make purchases without being detected, even after the original card has been canceled. Recurring transactions are also vulnerable to abuse, allowing payments with locked cards.…

Read more →

x64dbg is an open-source binary debugger for Windows, perfect for malware analysis and reverse engineering executables. It has a user-friendly UI that simplifies navigation and provides context on the process. This article has been indexed from Cyware News – Latest…

Read more →

Google is testing a feature in Chrome on Android to redact credit card details, passwords, and sensitive information when sharing your screen. Google aims to prevent leaks of sensitive data while recording or sharing screens. This article has been indexed…

Read more →

Xeon Senderallows attackers to conduct large-scale SMS spam and phishing campaigns using legitimate SaaS providers. Distributed through Telegram and hacking forums, it requires API credentials from popular providers like Amazon SNS and Twilio. This article has been indexed from Cyware…

Read more →

Authentik is known for its adaptability and flexibility. It seamlessly integrates into existing environments, offering support for various protocols. It simplifies tasks like sign-up and account recovery in applications. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Microsoft has classified the issue as low-severity and has not issued any fixes, except for Teams and OneNote apps. Excel, Outlook, PowerPoint, and Word apps remain vulnerable. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A recent ransomware attack on Indian payment systems has been traced back to a vulnerability in the widely used Jenkins automation system. The attack targeted a digital payment system used by many Indian banks. This article has been indexed from…

Read more →

The statement — which came Monday from the FBI, CISA, and the Office of the Director of National Intelligence (ODNI) — specifically attributes the recently announced cyberattack on the campaign of former President Donald Trump to Iranian actors. This article…

Read more →

Phase 1 in October 2024 will require MFA for accessing Azure portal, Microsoft Entra admin center, and Intune admin center, with Phase 2 in early 2025 extending enforcement to Azure CLI, Azure PowerShell, mobile app, and Infrastructure as Code tools.…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a Jenkins Command Line Interface (CLI) Path Traversal vulnerability, known as CVE-2024-23897 with a CVSS score of 9.8, to its Known Exploited Vulnerabilities catalog. This article has been indexed from…

Read more →

According to a report by cybersecurity researchers at BforeAI, threat actors used fake social media accounts, stores, ticketing systems, and fraudulent cryptocurrencies to target unsuspecting victims. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The attack, lasting from Friday to Monday, reached 7.5 billion requests per second, according to Monobank CEO. Despite not impacting operations, the bank collaborated with security services and specialists to manage the flood of internet traffic. This article has been…

Read more →

Azure domains and Google have been exploited to spread disinformation and malware in a sophisticated campaign that involves using several Microsoft Azure and OVH cloud subdomains along with Google search notifications. This article has been indexed from Cyware News –…

Read more →

A cryptocurrency company reported to the SEC that a hacker breached its systems on August 9, 2024, locking all employees out of Google products for four days by changing the passwords on their G-Suite accounts. This article has been indexed…

Read more →

A new cybercrime group named Mad Liberator has been identified by the Sophos X-Ops Incident Response team for targeting AnyDesk users. This ransomware group is using a fake Microsoft Windows update screen to hide their data exfiltration activities. This article…

Read more →

Cymulate’s proof-of-concept attack demonstrates how multiple on-premises domains syncing to a single Azure tenant can lead to credential mishandling, potentially allowing unauthorized access to different domains. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Thousands of Oracle NetSuite E-Commerce Sites are at Risk of Exposing Sensitive Customer Data due to a widespread misconfiguration in the SuiteCommerce enterprise resource planning (ERP) platform. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Microsoft has patched a zero-day vulnerability, known as CVE-2024-38193, that was being exploited by the North Korea-linked Lazarus APT group. This vulnerability is a privilege escalation issue in the Windows Ancillary Function Driver for WinSock. This article has been indexed…

Read more →

Scammers have been targeting dozens of Google products through malicious search ads. They impersonated Google’s product line and used Looker Studio to lock up Windows and Mac users’ browsers. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The malware masquerades as legitimate applications like Microsoft Office and creates an empty file to lure users. It also checks for virtual machines and uses sleep obfuscation to evade memory scanners. This article has been indexed from Cyware News –…

Read more →

These vulnerabilities could allow attackers to execute arbitrary code, disclose sensitive information, or disrupt device functionality, posing a significant threat to industrial and commercial networks relying on these devices. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Server-Side Template Injection (SSTI) vulnerabilities are a growing concern in web applications, allowing attackers to inject malicious code into templates and gain control over servers. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

A recent investigation uncovered a credit card skimmer using a web socket connection to steal credit card details from an infected PrestaShop website. Attackers use web sockets for obfuscation, making it difficult to analyze traffic. This article has been indexed…

Read more →

European hosting companies were found to be supporting the Kremlin-linked disinformation campaign, prompting Doppelgänger operators to quickly back up their systems and data. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Doppelgänger…

Read more →

DigiCert has announced the acquisition of Vercara to offer customers a unified DNS and certificate management experience. Vercara provides cloud-based services like managed DNS and DDoS security to protect networks and applications. This article has been indexed from Cyware News…

Read more →

The state attorneys general of New York, New Jersey, and Connecticut reached an agreement with Enzo Biochem, which revealed the incident to the federal government in May 2023. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

AI professionals have concerns about their jobs being replaced by AI tools, with 56% of security professionals worried about AI-powered threats, as reported by Pluralsight. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Ransomware groups have earned over $450 million in H1 2024 by extorting victims through cryptocurrency payments, according to a report by Chainalysis. It has risen from the previous year, with a record ransom payment of $75 million reported. This article…

Read more →

Many organizations struggle with AI literacy, cautious adoption, and risks of immature implementation, leading to disruptions in security, including data threats and AI misuse. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

A Russian citizen, known by various online names like “TeRorPP,” has been sentenced to 40 months in a U.S. prison for selling financial data and login credentials on the criminal marketplace Slilpp. This article has been indexed from Cyware News…

Read more →

CISA Director Jen Easterly highlighted the importance of not glamorizing threat actors, urging defenders to focus on detecting and responding to malicious tactics rather than being fixated on the threat groups themselves. This article has been indexed from Cyware News…

Read more →

Meta has warned of troll networks originating from Russia and Iran ahead of the US elections. According to a report by Meta, Russia remains the top source of disrupted troll networks on Facebook and Instagram, followed closely by Iran. This…

Read more →

According to Gcore, the number of DDoS attacks in the first half of 2024 increased by 46% compared to the same period in 2023, reaching a total of 830,000 attacks. The peak attack power also rose to 1.7 terabits per…

Read more →

A cybercrime group linked to RansomHub ransomware has been seen using a new EDR-killing tool, named EDRKillShifter, to disable endpoint detection and response software on compromised hosts. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Iranian hackers linked to the government of Iran have increased their phishing attacks on high-profile individuals in the U.S. and Israel, including those affiliated with U.S. presidential campaigns, according to Google. This article has been indexed from Cyware News –…

Read more →

M&A activity can increase ransomware insurance losses, with the severity of claims rising over 400% from 2022 to 2023, according to research by cyber risk company Resilience. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Researchers have linked Brain Cipher to at least three other groups operating under different names. Despite its global reach, the group’s tactics are not particularly sophisticated. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

In 2024, loaders were involved in nearly 40% of critical security incidents, with popular ones being SocGholish, GootLoader, and Raspberry Robin, aiming to deliver malware like ransomware, according to Reliaquest. This article has been indexed from Cyware News – Latest…

Read more →

A spear-phishing campaign targeting Russian government dissidents and Western organizations, attributed to the Russian FSB and threat actor COLDRIVER, uses personalized social engineering tactics to gain access to online accounts. This article has been indexed from Cyware News – Latest…

Read more →

A major cyberattack struck the Central Bank of Iran and other Iranian banks, causing disruptions. The incident, reported by Iranian news outlets and Iran International, resulted in the crippling of the banks’ computer systems. This article has been indexed from…

Read more →

A critical TCP/IP remote code execution (RCE) vulnerability affecting all Windows systems with IPv6 enabled has been discovered, prompting Microsoft to issue a warning urging users to patch their systems immediately. This article has been indexed from Cyware News –…

Read more →

South Korea’s ruling party, the People Power Party (PPP), has reported that hackers from North Korea have stolen important technical data related to the country’s main battle tank, the K2, as well as its spy planes known as “Baekdu” and…

Read more →

Rapid7 identified multiple intrusion attempts by threat actors utilizing social engineering tactics on June 20, 2024. The threat actors use email bombs followed by calls to offer fake solutions, with recent incidents involving Microsoft Teams calls. This article has been…

Read more →

The CryptoCore group’s scam operation leverages deepfake technology, hijacked YouTube accounts, and professionally designed websites to trick users into sending cryptocurrencies to scammer wallets. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The FBI is investigating a suspected hack of the Trump campaign, following accusations of Iranian involvement. The Trump campaign blames foreign sources and cited a Microsoft report linking Iranian hackers to covert efforts to influence the election. This article has…

Read more →

Maxim Silnikau, a Belarusian-Ukrainian cybercriminal dubbed one of the most prolific Russian-speaking hackers by the UK’s NCA, has been arrested in Spain and extradited to the US. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A security loophole in Windows SmartScreen, known as CVE-2024-38213, was exploited by attackers as a zero-day to bypass protection. Microsoft patched this vulnerability during the June 2024 Patch Tuesday. This article has been indexed from Cyware News – Latest Cyber…

Read more →

C-suite executives face the challenge of balancing technological innovation with cybersecurity resilience. A report by LevelBlue highlighted the complexities of their roles and the need for strategic cybersecurity approaches. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Cybercriminals impersonated the Security Service of Ukraine (SSU) using malicious spam emails to target and infect the systems of Ukrainian government agencies. The attackers successfully distributed AnonVNC malware to over 100 computers. This article has been indexed from Cyware News…

Read more →

Microsoft released its August 2024 Patch Tuesday updates, fixing 89 vulnerabilities, including nine zero-days. Among these, six zero-days were actively exploited, while three others were publicly disclosed. A tenth zero-day still remains unpatched. This article has been indexed from Cyware…

Read more →

The effort, known as the Open-Source Software Prevalence Initiative (OSSPI), aims to identify where open-source software components are being used in sectors like healthcare, transportation, and energy production to enhance national cybersecurity. This article has been indexed from Cyware News…

Read more →

Federal authorities have seized servers belonging to the Radar/Dispossessor ransomware gang in the U.S. and Europe. The FBI dismantled dozens of servers linked to the group, which is believed to have ties to the LockBit ransomware enterprise. This article has…

Read more →

Nightfall AI’s research found that 35% of exposed API keys were still active, leading to significant security risks. The study uncovered an average of about 350 secrets, including passwords and API keys, exposed per 100 employees annually on GitHub. This…

Read more →

SAP has released a security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass flaw (CVE-2024-41730) in the SAP BusinessObjects Business Intelligence Platform. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The FBI found that the cybercriminal duo was involved in Dark Web platforms like WWH Club, Skynetzone, and Opencard for buying, selling, and trading sensitive information and cybercriminal training. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Orion SA recently disclosed to US regulators that it fell victim to a criminal wire fraud scheme resulting in a $60 million loss. The incident, possibly a BEC scam, involved fraudulent wire transfers to unknown third-party accounts by an employee.…

Read more →

Promoted through Telegram and other underground forums, DeathGrip RaaS offers aspiring threat actors on the dark web sophisticated ransomware tools, including LockBit 3.0 and Chaos builders. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

During a recent security audit by Laburity researchers, an application with a vulnerability related to pfblockerNG was identified. Attempts using default credentials failed, but an exploit from exploit-db was unsuccessful. This article has been indexed from Cyware News – Latest…

Read more →

The Banshee Stealer can rob sensitive data, including passwords from macOS Keychain, system information, and data from popular web browsers like Safari, Chrome, and Firefox. It can also access cryptocurrency wallets and plugins. This article has been indexed from Cyware…

Read more →