Category: Cyware News – Latest Cyber News

CISA Director Jen Easterly highlighted the importance of not glamorizing threat actors, urging defenders to focus on detecting and responding to malicious tactics rather than being fixated on the threat groups themselves. This article has been indexed from Cyware News…

Read more →

Meta has warned of troll networks originating from Russia and Iran ahead of the US elections. According to a report by Meta, Russia remains the top source of disrupted troll networks on Facebook and Instagram, followed closely by Iran. This…

Read more →

According to Gcore, the number of DDoS attacks in the first half of 2024 increased by 46% compared to the same period in 2023, reaching a total of 830,000 attacks. The peak attack power also rose to 1.7 terabits per…

Read more →

A cybercrime group linked to RansomHub ransomware has been seen using a new EDR-killing tool, named EDRKillShifter, to disable endpoint detection and response software on compromised hosts. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Iranian hackers linked to the government of Iran have increased their phishing attacks on high-profile individuals in the U.S. and Israel, including those affiliated with U.S. presidential campaigns, according to Google. This article has been indexed from Cyware News –…

Read more →

M&A activity can increase ransomware insurance losses, with the severity of claims rising over 400% from 2022 to 2023, according to research by cyber risk company Resilience. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Researchers have linked Brain Cipher to at least three other groups operating under different names. Despite its global reach, the group’s tactics are not particularly sophisticated. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

In 2024, loaders were involved in nearly 40% of critical security incidents, with popular ones being SocGholish, GootLoader, and Raspberry Robin, aiming to deliver malware like ransomware, according to Reliaquest. This article has been indexed from Cyware News – Latest…

Read more →

A spear-phishing campaign targeting Russian government dissidents and Western organizations, attributed to the Russian FSB and threat actor COLDRIVER, uses personalized social engineering tactics to gain access to online accounts. This article has been indexed from Cyware News – Latest…

Read more →

A major cyberattack struck the Central Bank of Iran and other Iranian banks, causing disruptions. The incident, reported by Iranian news outlets and Iran International, resulted in the crippling of the banks’ computer systems. This article has been indexed from…

Read more →

A critical TCP/IP remote code execution (RCE) vulnerability affecting all Windows systems with IPv6 enabled has been discovered, prompting Microsoft to issue a warning urging users to patch their systems immediately. This article has been indexed from Cyware News –…

Read more →

South Korea’s ruling party, the People Power Party (PPP), has reported that hackers from North Korea have stolen important technical data related to the country’s main battle tank, the K2, as well as its spy planes known as “Baekdu” and…

Read more →

Rapid7 identified multiple intrusion attempts by threat actors utilizing social engineering tactics on June 20, 2024. The threat actors use email bombs followed by calls to offer fake solutions, with recent incidents involving Microsoft Teams calls. This article has been…

Read more →

The CryptoCore group’s scam operation leverages deepfake technology, hijacked YouTube accounts, and professionally designed websites to trick users into sending cryptocurrencies to scammer wallets. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The FBI is investigating a suspected hack of the Trump campaign, following accusations of Iranian involvement. The Trump campaign blames foreign sources and cited a Microsoft report linking Iranian hackers to covert efforts to influence the election. This article has…

Read more →

Maxim Silnikau, a Belarusian-Ukrainian cybercriminal dubbed one of the most prolific Russian-speaking hackers by the UK’s NCA, has been arrested in Spain and extradited to the US. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A security loophole in Windows SmartScreen, known as CVE-2024-38213, was exploited by attackers as a zero-day to bypass protection. Microsoft patched this vulnerability during the June 2024 Patch Tuesday. This article has been indexed from Cyware News – Latest Cyber…

Read more →

C-suite executives face the challenge of balancing technological innovation with cybersecurity resilience. A report by LevelBlue highlighted the complexities of their roles and the need for strategic cybersecurity approaches. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Cybercriminals impersonated the Security Service of Ukraine (SSU) using malicious spam emails to target and infect the systems of Ukrainian government agencies. The attackers successfully distributed AnonVNC malware to over 100 computers. This article has been indexed from Cyware News…

Read more →

Microsoft released its August 2024 Patch Tuesday updates, fixing 89 vulnerabilities, including nine zero-days. Among these, six zero-days were actively exploited, while three others were publicly disclosed. A tenth zero-day still remains unpatched. This article has been indexed from Cyware…

Read more →

The effort, known as the Open-Source Software Prevalence Initiative (OSSPI), aims to identify where open-source software components are being used in sectors like healthcare, transportation, and energy production to enhance national cybersecurity. This article has been indexed from Cyware News…

Read more →

Federal authorities have seized servers belonging to the Radar/Dispossessor ransomware gang in the U.S. and Europe. The FBI dismantled dozens of servers linked to the group, which is believed to have ties to the LockBit ransomware enterprise. This article has…

Read more →

Nightfall AI’s research found that 35% of exposed API keys were still active, leading to significant security risks. The study uncovered an average of about 350 secrets, including passwords and API keys, exposed per 100 employees annually on GitHub. This…

Read more →

SAP has released a security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass flaw (CVE-2024-41730) in the SAP BusinessObjects Business Intelligence Platform. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The FBI found that the cybercriminal duo was involved in Dark Web platforms like WWH Club, Skynetzone, and Opencard for buying, selling, and trading sensitive information and cybercriminal training. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Orion SA recently disclosed to US regulators that it fell victim to a criminal wire fraud scheme resulting in a $60 million loss. The incident, possibly a BEC scam, involved fraudulent wire transfers to unknown third-party accounts by an employee.…

Read more →

Promoted through Telegram and other underground forums, DeathGrip RaaS offers aspiring threat actors on the dark web sophisticated ransomware tools, including LockBit 3.0 and Chaos builders. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

During a recent security audit by Laburity researchers, an application with a vulnerability related to pfblockerNG was identified. Attempts using default credentials failed, but an exploit from exploit-db was unsuccessful. This article has been indexed from Cyware News – Latest…

Read more →

The Banshee Stealer can rob sensitive data, including passwords from macOS Keychain, system information, and data from popular web browsers like Safari, Chrome, and Firefox. It can also access cryptocurrency wallets and plugins. This article has been indexed from Cyware…

Read more →

While traditional cloud security issues associated with Cloud Service Providers (CSPs) are decreasing in significance, misconfigurations, IAM weaknesses, and API risks remain critical in cloud computing. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The “Dark Skippy” method allows hackers to steal Bitcoin hardware wallet keys by embedding secret data into public Bitcoin transactions, which can then be used to extract a person’s seed words. This article has been indexed from Cyware News –…

Read more →

Scammers are using fake content warnings related to the Ukraine war and earthquakes to lure users into clicking on links that lead to adult sites, malicious browser extensions, and affiliate scams on X. This article has been indexed from Cyware…

Read more →

Scout Suite is an open-source cloud security auditing tool that assesses security in multi-cloud environments. By using cloud vendors’ APIs, it gathers configuration data to identify risks efficiently. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The UK and France will discuss the misuse of commercial cyber intrusion tools as part of the Pall Mall Process, aiming to address the irresponsible use of hacking tools like spyware. This article has been indexed from Cyware News –…

Read more →

The Network and Information Security (NIS) 2 Directive is a major cybersecurity regulation in Europe, with EU Member States having until October 17, 2024, to comply with the increased security standards and reporting requirements. This article has been indexed from…

Read more →

Initially discovered in January 2023 impersonating government entities, Gigabud and Golddigger malware campaigns have overlapped, suggesting the same threat actors behind both. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Unmasking the…

Read more →

Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) have made it easier for cybercriminals to carry out sophisticated attacks, according to Darktrace. These subscription-based tools have lowered the barrier for less experienced attackers. This article has been indexed from Cyware News – Latest…

Read more →

The United Nations has unanimously passed its first cybercrime treaty, initially proposed by Russia. This treaty establishes a global legal framework for addressing cybercrime and data access. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Shorter TLS certificate lifespans are expected to create challenges for management efforts, with 76% of security leaders acknowledging the need to transition to shorter lifespans for increased security, according to Venafi. This article has been indexed from Cyware News –…

Read more →

The first vulnerability, CVE-2024-42219, allows bypassing inter-process communication protections and impersonation of trusted 1Password integrations. The second, CVE-2024-42218, lets attackers bypass security mechanisms using outdated app versions. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The vulnerabilities affect devices before the Sonos S2 release 15.9 and Sonos S1 release 11.12. These flaws could be exploited to compromise devices over the air and capture audio covertly. This article has been indexed from Cyware News – Latest…

Read more →

CrowdStrike is looking to acquire patch management specialist Action1 in a deal worth nearly $1 billion. Action1’s Co-Founder and CEO confirmed the discussions with CrowdStrike employees in a memo. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Researchers at AppOmni revealed that adversaries no longer need to complete all seven stages of a traditional kill chain to achieve their goals. This shift requires organizations to rethink their cybersecurity strategies. This article has been indexed from Cyware News…

Read more →

The vulnerabilities affect all versions of OpenVPN prior to 2.6.10 and 2.5.10. Attackers could gain full control over targeted endpoints by exploiting these vulnerabilities. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Earth Baku has expanded its operations beyond the Indo-Pacific region to Europe, the Middle East, and Africa. They are now targeting countries like Italy, Germany, UAE, and Qatar, with suspected activities in Georgia and Romania. This article has been indexed…

Read more →

RunZero recently released SSHamble, an open-source tool for testing the security of SSH services. This tool helps security teams detect dangerous misconfigurations and software bugs in SSH implementations. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Gaining visibility in OT networks is challenging due to differences in communication protocols between IT and OT systems. Building trust between OT and IT teams is essential, as their priorities often conflict. This article has been indexed from Cyware News…

Read more →

he vulnerability, tracked as CVE-2024-20419, allows unauthenticated attackers to change any user’s password remotely. To secure vulnerable Cisco Smart Software Manager On-Prem servers, admins must upgrade to a fixed release. This article has been indexed from Cyware News – Latest…

Read more →

The initiative, called Secure by Design, was introduced by the Cybersecurity and Infrastructure Security Agency at the RSA Conference, with an initial 70 firms committing to improving security features. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The phishing site tricks users into downloading a malicious file disguised as Google Authenticator, which then drops the two malware components. The ACR Stealer exfiltrates data to a C&C server, while Latrodectus maintains persistence on the machine. This article has…

Read more →

A comprehensive analysis of data theft incidents investigated by ReliaQuest from September 2023 to July 2024 revealed that Rclone, WinSCP, and cURL are among the most prevalent exfiltration tools used by threat actors. This article has been indexed from Cyware…

Read more →

Researchers discovered that a solar grid responsible for 20% of the world’s solar power output, enough to power the entire United States, is at risk of being hijacked due to vulnerabilities in PV plant management platforms. This article has been…

Read more →

Recent findings indicate that the 7777 botnet (aka Quad7) has likely expanded, adding new bots with open port 63256, primarily including Asus routers. As of August 5, 2024, the total number of active bots stood at 12,783. This article has…

Read more →

Quorum Cyber Incident Response team recently identified a new malware called SharpRhino utilized by the threat actor group Hunters International during a ransomware incident. The malware, written in C#, was distributed through a typosquatting domain posing as Angry IP Scanner.…

Read more →

A fraudulent site resembling the official WinRar distribution platform is spreading malware. The fake website, win-rar[.]co, utilizes typosquatting to trick users who mistype the URL. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The malware attack flow involves luring users with fake websites imitating popular downloads, then executing PowerShell scripts to download and install malicious extensions that steal private data and control browser settings. This article has been indexed from Cyware News –…

Read more →

An open source security firm, Oligo Security, has discovered a vulnerability called “0.0.0.0 Day” that allows attackers to execute code on web browsers like Chrome, Safari, and Firefox, potentially leading to data theft and malware. This article has been indexed…

Read more →

Cisco has issued a warning about critical remote code execution zero-days affecting the web-based management interface of the Small Business SPA 300 and SPA 500 series IP phones, which are no longer supported. This article has been indexed from Cyware…

Read more →

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has advised organizations to disable the legacy Cisco Smart Install (SMI) feature due to recent attacks exploiting it. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

An issue with Microsoft’s Entra ID identity and access management service could allow a hacker with admin-level access to gain global administrator privileges within an organization’s cloud environment. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Russian spies hacked UK government systems earlier this year, stealing data and emails in a nation-state attack. The breach targeted the Home Office’s systems, which had not been previously reported. This article has been indexed from Cyware News – Latest…

Read more →

Copilot is an AI-based chatbot used by enterprises to streamline tasks, but it can also be manipulated by attackers to steal data and conduct phishing scams without leaving a trace. This article has been indexed from Cyware News – Latest…

Read more →

The U.S. State Department has offered a $10 million reward for information on six Iranian government hackers who allegedly targeted U.S. water utilities last fall. These individuals were previously sanctioned for targeting critical infrastructure. This article has been indexed from…

Read more →

The number of incidents affecting GitHub, Bitbucket, GitLab, and Jira is on the rise, leading to outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and data loss for DevSecOps teams, according to GitProtect.io. This article has been indexed from…

Read more →

Consumer Reports cautioned against relying too heavily on data removal services, as many fall short of expectations despite high costs. The study highlighted the need for better protection of consumer data and stricter regulations on data brokers. This article has…

Read more →

According to a report by Rapid7, a total of 21 new or rebranded groups have emerged since January 2024, alongside existing groups like LockBit, which has survived law enforcement crackdowns. This article has been indexed from Cyware News – Latest…

Read more →

Kursk region in Russia was hit by a large-scale DDoS attack during Ukraine’s cross-border incursion, affecting government, business websites, and critical services. NetBlocks reported disruptions in internet connectivity linked to the attacks. This article has been indexed from Cyware News…

Read more →

A ransomware drill focused on healthcare called Operation 911 was conducted at Black Hat USA 2024 by Las Vegas law enforcement, the FBI, and Semperis. During the drill, a simulated ransomware attack targeted a fictitious hospital. This article has been…

Read more →

RustScan is a fast and versatile open-source port scanner with Adaptive Learning for optimal performance. It can scan all 65,000 ports in 3 seconds and supports a scripting engine for customization. This article has been indexed from Cyware News –…

Read more →

A Forescont study showed that outdated software components in OT/IoT cellular routers and SOHO routers are linked to known vulnerabilities, with an average of 20 exploitable n-days affecting the kernel in widely used firmware images. This article has been indexed…

Read more →

Threat actors are actively exploiting a critical remote code execution vulnerability in Progress WhatsUp Gold 23.1.2 and older versions, identified as CVE-2024-4885 with a CVSS v3 score of 9.8. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Alibaba’s T-Head C910 RISC-V CPUs have been found to have serious security flaws by computer security researchers at the CISPA Helmholtz Center for Information Security in Germany. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Symantec’s Threat Hunter Team has observed various espionage operations utilizing cloud services, like the backdoors GoGra and Grager targeting organizations in South Asia, South East Asia, Taiwan, Hong Kong, and Vietnam. This article has been indexed from Cyware News –…

Read more →

The BlackSuit ransomware group gains access through phishing campaigns, RDP, and vulnerability exploits, using tools like Chisel and Mimikatz for communication and credential theft. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Ronin Network was hacked, resulting in the withdrawal of $12 million by “white hat” hackers who returned the stolen funds. The hackers exploited an undocumented vulnerability on the Ronin bridge, withdrawing 4,000 ETH and 2 million USDC. This article has…

Read more →

A security researcher at SafeBreach demonstrated at the Black Hat 2024 conference that two zero-day vulnerabilities can be exploited in downgrade attacks to revert fully updated Windows systems back to older versions, reintroducing vulnerabilities. This article has been indexed from…

Read more →

The SEC has closed its investigation into Progress Software’s handling of a zero-day flaw in MOVEit Transfer. Progress Software announced in a recent SEC filing that no enforcement action will be recommended by the Division of Enforcement. This article has…

Read more →

Roundcube’s vulnerabilities (CVE-2024-42009, CVE-2024-42008) allow attackers to compromise email accounts easily. The two cross-site scripting flaws could lead to the theft of emails, contacts, and passwords, and the sending of unauthorized emails. This article has been indexed from Cyware News…

Read more →

A flaw in Microsoft 365’s anti-phishing feature allows attackers to hide the ‘First Contact Safety Tip’ warning in Outlook emails using CSS, increasing the risk of users falling for malicious emails. This article has been indexed from Cyware News –…

Read more →

According to Acronis, ransomware remains a top threat for SMBs, especially in critical sectors like government and healthcare, where 10 new ransomware groups conducted 84 cyberattacks globally in Q1 2024. This article has been indexed from Cyware News – Latest…

Read more →

The U.S. Government Accountability Office is urging the Environmental Protection Agency (EPA) to develop a comprehensive strategy to protect the nation’s drinking and wastewater systems from cyber threats. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

NHS software supplier Advanced faces a hefty fine of over £6 million (~$7.6 Million) for failing to protect personal information during a ransomware attack that impacted the National Health Service in the UK. This article has been indexed from Cyware…

Read more →

Threat actors have introduced Doubleface ransomware, claiming it to be fully undetectable by major antivirus software. The ransomware utilizes a unique algorithm with AES-128 and RSA-4096 encryption, making decryption difficult without the right key. This article has been indexed from…

Read more →

Rapid7 researchers noted over 2,570 attacks in the first half of 2024, equating to around 14 attacks daily. The number of ransomware groups posting on data leak sites surged 67% compared to the previous year. This article has been indexed…

Read more →

EC-Council, a cyber certification organization, has pledged $15 million in scholarships to support over 50,000 students in cybersecurity programs. The goal is to help students earn industry credentials and enhance their cybersecurity skills. This article has been indexed from Cyware…

Read more →

Abnormal Security, an AI-driven cybersecurity company, has raised $250 million in funding, valuing the company at $5.1 billion. The funding will support their mission of using AI to protect against cybercrime by understanding human behavior. This article has been indexed…

Read more →

North Korean hackers, identified as Moonstone Sleet, have been distributing malicious JavaScript packages on the npm registry to infect Windows systems. The two packages, harthat-api and harthat-hash, were uploaded on July 7, 2024. This article has been indexed from Cyware…

Read more →

Researchers have revealed a new tactic used by threat actors behind the Chameleon Android banking trojan, targeting Canadian users with a disguised Customer Relationship Management (CRM) app. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The new service, known as the Fraud and Cyber Crime Reporting and Analysis System (FCCRAS), will enhance the reporting process by allowing users to upload additional information like metadata, screenshots, and images. This article has been indexed from Cyware News…

Read more →

AI can analyze data quickly, detect patterns of malicious behavior, and automate routine tasks like alert triaging and log analysis. However, human oversight is still necessary to ensure the accuracy and relevance of AI-generated insights. This article has been indexed…

Read more →

The vulnerability, tracked as CVE-2018-0824, arises from the deserialization of untrusted data. Microsoft warns that this flaw could lead to remote code execution if exploited by a specially crafted file or script. This article has been indexed from Cyware News…

Read more →

Attackers have developed multiple techniques to bypass reputation-based security controls like Windows Smart App Control, allowing them initial access to environments without triggering alerts. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The STRRAT malware, sold for $80, allows attackers to take control of computers and steal data. Attackers use phishing emails pretending to be from government agencies to trick victims into downloading malicious files. This article has been indexed from Cyware…

Read more →

SnakeKeylogger, also known as KrakenKeylogger, is a malicious software targeting Windows users. It logs keystrokes, steals credentials, and takes screenshots, allowing cybercriminals to capture sensitive information. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Key Tronic revealed to regulators that a cyberattack in May 2024 cost the company over $17 million. The attack led to a shutdown of operations in Mexico and the U.S. for two weeks. This article has been indexed from Cyware…

Read more →

North Korean hackers exploited a VPN software update flaw to install malware and breach networks, as warned by South Korea’s National Cyber Security Center. The threat groups involved in these activities are Kimsuky (APT43) and Andariel (APT45). This article has…

Read more →

The Hunters International ransomware group is using a new C# remote access trojan named SharpRhino to target IT workers and breach corporate networks. It is distributed through a typosquatting site posing as Angry IP Scanner’s website. This article has been…

Read more →

Last year, the White House launched an initiative to strengthen school cybersecurity, but cyberattacks on schools persist. Private sector resources have been utilized by thousands of school districts to enhance their defenses. This article has been indexed from Cyware News…

Read more →

Around 20,000 Ubiquiti IoT cameras and routers are at risk due to a vulnerability that has been known for five years. Researchers have found that despite patches being available, many devices are still vulnerable. This article has been indexed from…

Read more →

Google has patched a zero-day vulnerability in the Android kernel that was being exploited in targeted attacks. The vulnerability, tracked as CVE-2024-36971, allows for arbitrary code execution without user interaction on unpatched devices. This article has been indexed from Cyware…

Read more →