Category: Cyware News – Latest Cyber News

Last year, Skybox Security reported that there were over 30,000 new vulnerabilities, with a new vulnerability emerging every 17 minutes on average. This amounts to around 600 new vulnerabilities per week. This article has been indexed from Cyware News –…

Read more →

Multiple critical vulnerabilities have been discovered in Emerson gas chromatographs, which could potentially enable unauthorized access to sensitive data, cause denial-of-service attacks, and execute arbitrary commands. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Approximately 700,000 external internet-facing instances are vulnerable, accounting for 31% of global instances with OpenSSH. Additionally, a small percentage of vulnerable instances are running an End-Of-Life/End-Of-Support version of OpenSSH. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Scraper bots have a negative impact on various aspects of an organization, including revenue, competitive advantage, brand identity, customer experience, infrastructure costs, and digital experience. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

These sites are promoted through compromised YouTube channels, lending them credibility. One particular error, the 0x80070643 error, which appeared after a Microsoft security update, has been exploited by threat actors. This article has been indexed from Cyware News – Latest…

Read more →

A man in Australia was charged with operating fake Wi-Fi networks on a commercial flight to steal passengers’ email and social media credentials. The investigation began when an airline reported a suspicious Wi-Fi network during a domestic flight. This article…

Read more →

Researchers found a public GitHub repo where the operators of Polyfill.io accidentally exposed their Cloudflare secret keys. By using these leaked API keys, they were able to confirm that a single entity was behind the attack on all four domains.…

Read more →

Brain Cipher ransomware has been uploaded to various malware-sharing sites, created using the leaked LockBit 3.0 builder. The encryptor used by Brain Cipher appends an extension and encrypts the file name of the encrypted files. This article has been indexed…

Read more →

The flaw, which has a CVSS score of 9.8, allows threat actors to perform path traversal attacks and gain unauthorized access to sensitive information, including user passwords. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Juniper Networks has released an emergency update to address a severe vulnerability in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router products. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

One attack involves setting up a fake base station using a Raspberry Pi or a software-defined radio (SDR). These devices can imitate a real base station and are readily available for purchase. This article has been indexed from Cyware News…

Read more →

A critical vulnerability has been discovered in certain versions of GitLab Community and Enterprise Edition products. This vulnerability allows an attacker to run pipelines as any user. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The campaigns, named LegalQloud, Eqooqp, and Boomer, deploy highly evasive and adaptive threat (HEAT) attack techniques that can bypass multifactor authentication (MFA) and URL filtering. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Unfurling Hemlock is using a new method, referred to as a “malware cluster bomb,” which allows the threat actor to use one malware sample to spread additional malware on compromised machines. This article has been indexed from Cyware News –…

Read more →

TeamViewer, a leading provider of remote access tools, has confirmed that its corporate network is currently under a cyberattack. The company has identified the attackers as a government-backed Russian intelligence group known as APT29. This article has been indexed from…

Read more →

Kimsuky uploaded TRANSLATEXT to their attacker-controlled GitHub repository on March 7, 2024, and it is capable of bypassing security measures for prominent email service providers like Gmail, Kakao, and Naver. This article has been indexed from Cyware News – Latest…

Read more →

The campaign involves a Bollywood pirate movie download site leading to a Bunny content delivery platform, which then points to a ZIP file. Inside the ZIP file, there is another password-protected ZIP file with a text file containing the password.…

Read more →

Gitleaks is an open-source tool that detects and prevents hardcoded secrets in Git repositories, like passwords or API keys. It stands out for its easy-to-use and configurable system for scanning secrets. This article has been indexed from Cyware News –…

Read more →

A 24-year-old leader of an international robbery crew, Remy St Felix, has been convicted in the US for carrying out violent home invasions to steal cryptocurrency tokens. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A new campaign targeting Mac users through malicious Google ads for the Arc browser has been observed. This is the second time Arc has been used as a lure, indicating its popularity. This article has been indexed from Cyware News…

Read more →

Federal authorities are warning about social engineering and phishing scams that target IT help desk workers and allow attackers to steal login credentials in order to access healthcare sector entities’ IT systems. This article has been indexed from Cyware News…

Read more →

A former employee of Nuance Communications, a unit of Microsoft, is the main suspect in a 2023 data breach that affected over 1 million patients of Geisinger, a healthcare system based in Pennsylvania. This article has been indexed from Cyware…

Read more →

In Q1 2024, BlackBerry detected and stopped 3.1 million cyberattacks, averaging 37,000 per day. They also detected 630,000 malicious hashes, a 40% increase from the previous reporting period. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

CISA urges manufacturers to reduce memory safety vulnerabilities by ditching memory-unsafe languages, implementing secure coding practices, and adopting routine security testing measures. This article has been indexed from Cyware News – Latest Cyber News Read the original article: CISA Report…

Read more →

The US cybersecurity agency CISA has issued a warning about cyber threat actors exploiting vulnerabilities in GeoServer (CVE-2022-24816), the Linux kernel (CVE-2022-2586), and Roundcube Webmail (CVE-2020-13965). This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The US Department of Justice has indicted a 22-year-old Russian, Amin Timovich Stigal, for his alleged involvement in cyber attacks on Ukrainian government computers and critical infrastructure systems known as the “WhisperGate” attack. This article has been indexed from Cyware…

Read more →

Approximately three-quarters of companies have made investments in cyber defense in order to qualify for cyber insurance, according to a report by Sophos and Vanson Bourne. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The healthcare sector received a “B+” security rating for the first half of 2024, indicating a decent level of security. However, it faces a significant vulnerability in the form of supply chain cyber risk. This article has been indexed from…

Read more →

The California Privacy Protection Agency (CPPA) has signed a partnership agreement with France’s Commission Nationale de l’Informatique et des Libertés (CNIL) to conduct joint research and share investigative findings on data privacy issues. This article has been indexed from Cyware…

Read more →

XenoRAT is being used by North Korean hackers and other actors targeting the gaming community. It is being spread through .gg domains and a GitHub repository disguised as Roblox scripting tools. This article has been indexed from Cyware News –…

Read more →

Microsoft has discovered a new type of jailbreak attack called Skeleton Key. This technique uses a multi-turn strategy to make the model ignore its guardrails, allowing it to generate forbidden content or override its decision-making rules. This article has been…

Read more →

Researchers at Nozomi Networks uncovered four vulnerabilities in Sensor Net Connect and three flaws in the Thermoscan IP desktop application, both made by a division of French firm Proges Plus. This article has been indexed from Cyware News – Latest…

Read more →

The Vanna AI library has been found to have a vulnerability (CVE-2024-5565) that could allow for remote code execution (RCE) due to a prompt injection issue related to the Plotly script. This article has been indexed from Cyware News –…

Read more →

The vulnerability allows attackers to create administrative user accounts, modify and delete data in the application database, and potentially gain full control of vulnerable systems. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

ReversingLabs researchers discovered a suspicious package on npm called legacyreact-aws-s3-typescript. They found that the package contained a post-install script that downloaded and executed a simple backdoor. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

South Korean telco KT has been accused of purposely infecting customers with malware as a result of excessive use of peer-to-peer (P2P) downloading tools. Around 600,000 users of online storage services have reportedly been affected. This article has been indexed…

Read more →

Snowblind is effective on all modern Android devices and primarily targets banking apps. It avoids detection by modifying the app and exploiting the Linux kernel’s seccomp feature to control the app’s system calls. This article has been indexed from Cyware…

Read more →

Major secrets, including cloud environment credentials, internal infrastructures, and telemetry platforms, have been found exposed on the internet due to Git-based processes and Source Code Management (SCM) platforms behavior. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The non-profit cybersecurity organization, the Shadowserver Foundation, has observed exploitation attempts against CVE-2024-5806. They noted that the exploitation began soon after the vulnerability details were made public. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The adoption of ransomware in cyberespionage attacks helps adversaries blur the lines between APT and cybercriminal activity, leading to potential misattribution or concealing the true nature of the operation. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Siemens recently patched several vulnerabilities in its Sicam products that could be exploited to target the energy sector. The updates addressed two high-severity and one medium-severity flaws. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The Medusa banking trojan (aka TangleBot) operates as a malware-as-a-service, providing keylogging, screen controls, and SMS manipulation. Note that this operation is different from the ransomware gang and the Mirai-based botnet with the same name. This article has been indexed…

Read more →

The polyfill.io domain, which offers JavaScript code to add functionality to older browsers, has been compromised and is infecting over 100,000 websites with malware. The domain was purchased by a Chinese organization earlier this year. This article has been indexed…

Read more →

UK and US law enforcement agencies have collaborated to combat the Qilin ransomware gang, which has targeted the global healthcare industry through several recent attacks. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform. This article has been indexed from Cyware News…

Read more →

Although there was no evidence of data theft or lateral movement, the agency’s investigation revealed that unauthorized access to various sensitive information, including security plans and user accounts, may have occurred. This article has been indexed from Cyware News –…

Read more →

Cyble Research and Intelligence Labs (CRIL) researchers have discovered that a Russia-linked threat group known as UAC-0184 is targeting Ukraine using the XWorm remote access trojan (RAT). This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A critical security vulnerability, CVE-2024-5806, has been found in MOVEit Transfer, a popular file transfer software. The vulnerability allows attackers to bypass authentication checks and gain administrative access by sending manipulated requests. This article has been indexed from Cyware News…

Read more →

According to the Thales 2024 Cloud Security Study, 44% of organizations have experienced a cloud data breach, with 14% reporting incidents in the past year. Human error and misconfigurations were the top root causes, affecting 31% of cases. This article…

Read more →

Ta Van Tai, Nguyen Viet Quoc, Nguyen Trang Xuyen, and Nguyen Van Truong are accused of conducting phishing campaigns and supply chain compromises to orchestrate cyberattacks and steal millions of dollars. This article has been indexed from Cyware News –…

Read more →

The FBI has issued a warning about cybercriminals pretending to be law firms and lawyers offering cryptocurrency recovery services. These scammers target victims of investment scams, stealing funds and personal information. This article has been indexed from Cyware News –…

Read more →

SpyMax does not require the targeted device to be rooted, making it easier for threat actors to cause damage. Once installed, SpyMax gathers personal information from the infected device without user consent and sends it to a remote threat actor.…

Read more →

P2PInfect, a previously dormant peer-to-peer malware botnet, has recently become active and is now targeting Redis servers. The botnet has introduced new features like cron-based persistence mechanisms and SSH lockout. This article has been indexed from Cyware News – Latest…

Read more →

Unlike previous methods, SnailLoad doesn’t require a person-in-the-middle attack or hacking the target’s Wi-Fi. Instead, it lets a remote attacker infer websites and content viewed by a user without accessing their network traffic directly. This article has been indexed from…

Read more →

AI is not new to cybersecurity, but generative AI is causing concern as it impacts organizations. A study found that AI-generated threats have already affected 75% of organizations, yet 60% are not prepared to handle AI-based attacks. This article has…

Read more →

The U.S. Department of Energy has released a new framework of best practices for securing clean energy cyber supply chains, focusing on key technologies used in managing electricity, oil, and natural gas systems. This article has been indexed from Cyware…

Read more →

A new command execution technique called “GrimResource” has been discovered that leverages a combination of specially crafted Microsoft Saved Console (MSC) files and an unpatched Windows XSS flaw. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The Boolka group is responsible for deploying advanced malware and conducting web attacks. They have been exploiting vulnerabilities using SQL injection attacks since 2022, targeting websites in various countries. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Multiple WordPress plugins have been found to contain a backdoor that injects malicious code. This code allows attackers to create unauthorized administrator accounts, enabling them to perform malicious actions. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The Ransomhub ransomware group’s modus operandi involves encrypting data and leveraging access to SCADA systems to disrupt essential functions, as evidenced in their recent breach. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

SmokeLoader acts as a loader for other malware, once it is executed it will inject malicious code into the currently running explorer process (explorer.exe) and download another payload to the system. This article has been indexed from Cyware News –…

Read more →

Security updates have been promptly released to address these critical vulnerabilities in multiple WordPress plugins. SingCERT reported 9 critical plugin vulnerabilities and shared the mitigation strategies to avoid exploration by threat actors. This article has been indexed from Cyware News…

Read more →

As digital transformation accelerates, understanding how businesses are preparing for and implementing digital ID technologies is crucial for staying ahead in security and efficiency, according to Regula. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

According to the new update, threat actors exploited zero-day flaws in Ivanti Connect Secure (ICS) and created rogue virtual machines (VMs) within the organization’s VMware environment. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The augmentations concern the Border Gateway Protocol, a backbone data transmission algorithm that determines the optimal path for data packets to move across networks, said National Cyber Director Harry Coker This article has been indexed from Cyware News – Latest…

Read more →

While fears of cyberattacks continue to rise, CISOs demonstrate increasing confidence in their ability to defend against these threats, reflecting a significant shift in the cybersecurity landscape, according to Proofpoint. This article has been indexed from Cyware News – Latest…

Read more →

One campaign uses HTML smuggling to hide the phishing content from network inspection. The other uses a method called transparent phishing, where the attacker uses Cloudflare Workers to act as a reverse proxy server for a legitimate login page. This…

Read more →

The Australian Communications and Media Authority said it has filed proceedings against Optus in a federal court as the company failed to protect sensitive customer data during a data breach in September 2022 that affected close to 10 million people.…

Read more →

The frequency and severity of attacks are increasing—yet most businesses remain unprepared, according to VikingCloud. Between a growing talent shortage, alert fatigue, and new sophisticated attack methods, companies are more susceptible than ever. This article has been indexed from Cyware…

Read more →

Cybersecurity researchers at Datadog Security Labs discovered malicious software packages targeting MacOS users through the Python Package Index (PyPI) and NPM repository. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Malicious PyPI…

Read more →

CERT-UA reports that research following the initial discovery of this attack revealed at least five potential breaches by the same files in financial and insurance institutions across Europe and the United States. This article has been indexed from Cyware News…

Read more →

Cloud applications and SaaS tools have countless configuration options that are often poorly documented and can change frequently, making it difficult to ensure they are securely configured. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Europe’s leading research universities should work more closely with the continent’s intelligence agencies to help secure their research from being stolen by hostile states, EU member states recommended this week. This article has been indexed from Cyware News – Latest…

Read more →

Researchers at Trellix Advanced Research Center spotted fake AV sites used to distribute info-stealers. The malicious websites hosted sophisticated malicious files such as APK, EXE, and Inno setup installer, including spying and stealer capabilities. This article has been indexed from…

Read more →

According to a report by Malwarebytes, cybercriminals prepared for the product launch, setting up malicious advertisements on Google Search to lure users looking to download the new web browser. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Cisco states that there are no workarounds that address this vulnerability. The IT giant has confirmed that this vulnerability does not affect Adaptive Security Appliance (ASA) Software or Firepower Threat Defense (FTD) Software. This article has been indexed from Cyware…

Read more →

Security researchers have revealed a series of criminal campaigns that exploit cloud storage services such as Amazon S3, Google Cloud Storage, Backblaze B2 and IBM Cloud Object Storage. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Forcepoint X-Labs has recently observed a significant number of phishing email instances in their telemetry targeting various government departments in APAC that masquerade as PDF viewer login pages. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

“This guidance helps organizations disrupt malicious cyber activity by applying granular access control and visibility to applications and workloads in modern network environments,” said Dave Luber, director of cybersecurity at NSA. This article has been indexed from Cyware News –…

Read more →

The threat actors demonstrate increased caution in selecting their targets, broadening their reconnaissance efforts, and adopting Cobalt Strike Beacon over custom backdoors. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Sharp Dragon…

Read more →

BLOODALCHEMY is an updated version of Deed RAT, which is believed to be a successor to ShadowPad malware. It has been used in attacks targeting government organizations in Southern and Southeastern Asia. This article has been indexed from Cyware News…

Read more →

Effective, updated policies are foundational to an organization’s cybersecurity strategy in this new era of AI-driven attacks. CISOs must proactively adapt their email security approach to protect against the latest social engineering threats. This article has been indexed from Cyware…

Read more →

An improper access control bug in Apache Flink that was fixed in January 2021 has been added to the US government’s Known Exploited Vulnerabilities Catalog, meaning criminals are right now abusing the flaw in the wild to compromise targets. This…

Read more →

Bugcrowd CEO Dave Gerry said their acquisition of Brighton, England-based Informer will fuel the adoption of Bugcrowd’s penetration testing technology and prompt clients to expand the scope of their bug bounty programs. This article has been indexed from Cyware News…

Read more →

“Rather than scam or phish everyday people directly for gift card-based payments, Storm-0539 infiltrates large retailers and fraudulently issues gift card codes to themselves, virtually printing their own money,” Microsoft’s Vasu Jakkal explained. This article has been indexed from Cyware…

Read more →

The security flaw (tracked as CVE-2024-4835) is an XSS weakness in the VS code editor (Web IDE) that lets threat actors steal restricted information using maliciously crafted pages. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

A requirement for the Pentagon to commission an independent study on the creation of a U.S. Cyber Force was added late Wednesday to the House version of the defense policy bill. This article has been indexed from Cyware News –…

Read more →

Siloed approaches to securing human and machine identities are driving identity-based attacks across enterprises and their ecosystems, according to a new report by CyberArk. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The security issue was discovered internally by Google’s Clément Lecigne and is tracked as CVE-2024-5274. It is a high-severity ‘type confusion’ in V8, Chrome’s JavaScript engine responsible for executing JS code. This article has been indexed from Cyware News –…

Read more →

“Through ongoing monitoring and collaboration with cyber authorities, we identified attempts to replace our Viewer 8.3.7 software with a compromised file,” the company said in a statement on Thursday. This article has been indexed from Cyware News – Latest Cyber…

Read more →

National Cyber Director Harry Coker Jr. said the administration is taking actions to strengthen key critical infrastructure sectors, including healthcare and water utilities, and will pursue additional steps to fight ransomware and boost resilience. This article has been indexed from…

Read more →

The Police Service of Northern Ireland (PSNI) is bracing for a hefty £750,000 (~$952k) fine following last year’s data breach. The PSNI data breach saw the exposure of the personal information of approximately 10,000 officers and staff. This article has…

Read more →

The threat actor searches for sensitive information related to diplomatic and economic missions, embassies, military operations, political meetings, ministries of targeted countries, and high-ranking officials. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The KeyPlug backdoor has been developed to target both Windows and Linux operative systems and use different protocols to communicate which depend on the configuration of the malware sample itself. This article has been indexed from Cyware News – Latest…

Read more →

One of them called ORB3/SPACEHOP is described as “a very active network leveraged by multiple China-nexus threat actors, including APT5 and APT15” for reconnaissance and vulnerability exploitationl This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Bolster, an AI startup, has raised $14 million in funding led by Microsoft’s M12 to combat malicious phishing emails. Their flagship product, CheckPhish, offers brand and URL verification services to businesses. This article has been indexed from Cyware News –…

Read more →

The cybersecurity business is booming, and cyberattacks are fueling its growth. Global spending on security and risk management is on pace to reach $215 billion this year, up 30% from almost $165 billion in 2022, according to Gartner. This article…

Read more →

Georgia resident Malachi Mullings received a decade-long sentence for laundering money scored in scams against healthcare providers, private companies, and individuals to the tune of $4.5 million. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The research program will be led by researcher Shahar Avin at the government’s AI Safety Institute and delivered in partnership with UK Research and Innovation and The Alan Turing Institute. This article has been indexed from Cyware News – Latest…

Read more →

Development teams need to plan ahead and create shareable SBOMs that are standardized in a format that’s readily consumable while also establishing scalable systems for attestation, access management, and data verification, among other factors. This article has been indexed from…

Read more →