Tag: Cyware News – Latest Cyber News

The clinic said the hackers had access to personal data between May 4 and May 7, stealing information including Social Security numbers, passport numbers, financial account numbers with CVV numbers and expiration dates. This article has been indexed from Cyware…

Read more →

The Evil Corp cybercrime syndicate has been hit with new sanctions by the United States, United Kingdom, and Australia. The US also indicted one of its members for conducting BitPaymer ransomware attacks. This article has been indexed from Cyware News…

Read more →

Federal prosecutors have charged a man for an alleged “hack-to-trade” scheme that earned him millions of dollars by breaking into the Office365 accounts of executives at publicly traded companies. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Attackers are actively targeting a severe remote code execution vulnerability that Zimbra recently disclosed in its SMTP server, heightening the urgency for affected organizations to patch vulnerable instances right away. This article has been indexed from Cyware News – Latest…

Read more →

Cyble researchers have uncovered a sophisticated campaign that starts with a suspicious .LNK file and uses VSCode to establish persistence and remote access – and installs the VSCode CLI if VSCode isn’t found on the victim machine. This article has…

Read more →

Handala’s most serious claims are unverified, but the Iranian threat group’s actions have led to numerous account suspensions and website shutdowns due to its persistent activities. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The Taiwan Computer Emergency Response Team (TWCERT/CC) has released a series of security advisories highlighting critical vulnerabilities affecting various PLANET Technology switch models. This article has been indexed from Cyware News – Latest Cyber News Read the original article: PLANET…

Read more →

This latest investment, led by New Era Capital Partners, brings Apono’s total funding to $20. 5 million, positioning the company to lead the identity security market with its innovative AI-driven product. This article has been indexed from Cyware News –…

Read more →

The UK and US issued a joint warning about the increasing Iranian spear phishing threat, attributing it to Iran’s Islamic Revolutionary Guard Corps targeting individuals in Iranian and Middle Eastern affairs, as well as US political campaigns. This article has…

Read more →

Logpoint, a SIEM company based in Copenhagen, acquired Muninn, an AI-powered NDR startup, to enhance threat detection capabilities. Muninn’s AI technology is designed to detect complex attacks in environments where traditional methods fall short. This article has been indexed from…

Read more →

The KartLANPwn vulnerability (CVE-2024-45200) targets Mario Kart 8 Deluxe’s LAN Play feature, potentially allowing hackers to execute remote code on players’ game consoles. This article has been indexed from Cyware News – Latest Cyber News Read the original article: KartLANPwn…

Read more →

The CISA has alerted to four newly exploited vulnerabilities in its KEV catalog. The vulnerabilities include critical flaws in D-Link and DrayTek Vigor routers, Motion Spell GPAC, and SAP Commerce Cloud. This article has been indexed from Cyware News –…

Read more →

The investigation strategy shared by JPCERT/CC covers Application, Security, System, and Setup logs, which can reveal traces left by ransomware attacks and help identify the attack vector This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A critical vulnerability, CVE-2024-36435, has been found in several Supermicro enterprise products, allowing unauthenticated attackers to exploit a buffer overflow in the Baseboard Management Controller (BMC) firmware, leading to RCE. This article has been indexed from Cyware News – Latest…

Read more →

Platforms like Github, Discord, and YouTube are used to distribute compromised game cheats, which contain malware such as Skuld Stealer and Blank Grabber, known for stealing sensitive information. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Mimecast highlighted a noticeable increase in the use of Atlassian to evade detection. The attackers utilized postmark URLs to gather data intelligence, including location and browser details. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The DragonForce group utilizes dual ransomware variants, including one based on LockBit 3.0 and another on ContiV3, to target industries like manufacturing, real estate, and transportation. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Researchers disclosed a critical privilege escalation vulnerability, CVE-2024-26808, in the Linux kernel affecting versions from v5.9 to v6.6. The flaw is in the Netfilter component, allowing root access by manipulating memory allocation. This article has been indexed from Cyware News…

Read more →

A critical XSS flaw (CVE-2024-47186) has been found in Filament, a popular Laravel development tool. The vulnerability affects versions 3.0.0 to 3.2.114, putting applications at risk that render unvalidated ColorColumn or ColorEntry values. This article has been indexed from Cyware…

Read more →

Key vulnerabilities include log manipulation in PHP-FPM (CVE-2024-9026), bypassing redirect configurations (CVE-2024-8927), CGI parameter injection vulnerability (CVE-2024-8926), and erroneous parsing of multipart form data (CVE-2024-8925). This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Microsoft has detected Storm-0501 using Cobalt Strike for lateral movement across networks and deploying Embargo ransomware on victim organizations in hybrid cloud setups. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Storm-0501…

Read more →

Two critical vulnerabilities, CVE-2024-6592 and CVE-2024-6593, have been found in WatchGuard’s Authentication Gateway and Single Sign-On Client software by cybersecurity firm RedTeam Pentesting GmbH. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

A new HTML smuggling campaign is targeting Russian-speaking users, distributing DCRat malware. This marks the first time the malware has been deployed using this method, unlike common delivery methods like compromised sites or phishing emails. This article has been indexed…

Read more →

A critical security flaw, CVE-2024-43917, with a CVSS score of 9. 3, has been found in the popular WordPress plugin TI WooCommerce Wishlist, putting over 100,000 sites at risk of SQL injection attacks. This article has been indexed from Cyware…

Read more →

The most severe issue is a stack-based buffer overflow vulnerability (CVE-2024-34026) that allows an attacker to execute remote code. Users are advised to update to the latest version of OpenPLC to protect against these security risks. This article has been…

Read more →

The Brazilian-targeted threat BBTok has a complex infection chain that starts with an email containing an ISO image. The malware compiles C# code directly on the infected machine and uses the AppDomain Manager Injection technique. This article has been indexed…

Read more →

HPE has released patches for three critical security vulnerabilities in Aruba’s networking access points, which could allow attackers to run code on the systems by sending specially crafted packets to UDP port 8211. This article has been indexed from Cyware…

Read more →

Experts are investigating whether the hackers gained access to Cisco Systems routers, a key component of ISP infrastructures, but Cisco has not found any indication of router involvement. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The vulnerabilities could be exploited to remotely control Kia vehicles equipped with remote hardware in under 30 seconds, exposing the sensitive personal information of car owners. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Security researchers at Bitsight discovered critical vulnerabilities in Automated Tank Gauge (ATG) systems, including Maglink LX, Maglink LX4, OPW SiteSentinel, Proteus OEL8000, Alisonic Sibylla, and Franklin TS-550. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

HashiCorp has released updated versions (1.17.6, 1.16.10, 1.15.15) to fix the flaw, along with a new configuration option to enhance security. Users are advised to upgrade or adjust their configurations to protect against exploitation. This article has been indexed from…

Read more →

The CISA has issued a warning about hackers using basic techniques to target industrial systems, particularly OT and ICS devices in critical infrastructure, water, and wastewater systems. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The six vulnerabilities, with high severity scores, could lead to unauthorized access and control over network infrastructure. Progress Software advises all WhatsUp Gold users to upgrade to version 24.0.1 to mitigate these vulnerabilities. This article has been indexed from Cyware…

Read more →

Cybersecurity researchers at Palo Alto Networks’ Unit 42 have discovered a prolific Phishing-as-a-Service platform called Sniper Dz, responsible for creating over 140,000 phishing websites in just one year. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Security researchers have found critical flaws in the Jupiter X Core WordPress plugin, affecting over 90,000 websites. The vulnerabilities could allow attackers to take control of websites or hijack user accounts, including admin accounts. This article has been indexed from…

Read more →

VLC Media Player users are urged to update their software due to the critical CVE-2024-46461 vulnerability, which could crash the program or lead to code execution by malicious actors. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Multiple critical vulnerabilities in CUPS (Common Unix Printing System) have been uncovered, affecting Linux systems, BSDs, Oracle Solaris, and Google Chrome OS. These flaws can enable attackers to execute arbitrary commands through IPP URLs. This article has been indexed from…

Read more →

Nvidia Container Toolkit has critical vulnerabilities (CVE-2024-0132 and CVE-2024-0133) up to v1.16.1, allowing attackers to access the host file system, execute code, escalate privileges, and disrupt services. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Mallox, known for targeting Windows systems, has expanded its operations to Linux by using a modified version of the Kryptina ransomware, named “Mallox Linux 1.0.” The ransomware utilizes the same encryption algorithm as Kryptina. This article has been indexed from…

Read more →

The flaw, CVE-2024-41721, in bhyve’s USB emulation functionality could lead to malicious code execution, posing a serious threat to systems running vulnerable versions of FreeBSD. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The flaw, tracked as CVE-2023-27584, stems from a hard-coded cryptographic key used in the authentication process, posing a serious risk of unauthorized access, including admin-level privileges. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

This flaw, tracked as CVE-2024-8986 with a CVSS score of 9.1, could lead to the unintentional exposure of sensitive information, such as repository credentials, due to the build metadata being included in compiled binaries. This article has been indexed from…

Read more →

Picus Security, a San Francisco, CA-based security validation company, raised $45M in funding. The round, which brought total funds raised to $80M, was led by Riverwood Capital, with participation from existing investor Earlybird Digital East Fund. This article has been…

Read more →

Two suspects, Malone Lam and Jeandiel Serrano, were arrested by the US Department of Justice for stealing and laundering over $230 million worth of cryptocurrency in Miami. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Singaporean cryptocurrency platform BingX was hit by a cyberattack resulting in the theft of over $44 million. The attack was detected by two blockchain security firms, leading to a temporary suspension of withdrawals and emergency asset transfers. This article has…

Read more →

An audit found that both the DOJ and FBI need to improve in three key areas to enhance their fight against ransomware. While the FBI reported an improvement in taking action within 72 hours in 47% of incidents, there is…

Read more →

The vulnerability lies in Keycloak’s XMLSignatureUtil class, which incorrectly verifies SAML signatures, disregarding the vital “Reference” element that specifies the signed portion of the document. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

This unique malware campaign stood out for its precise targeting of Italian victims, with checks implemented to ensure the system language was set to Italian before infecting the device. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The Lumma Stealer malware is being distributed through deceptive human verification pages that trick Windows users into running malicious PowerShell commands, leading to sensitive information theft. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

This scheme was uncovered in 2022 during “Operation Kaerb,” involving global enforcement agencies. The criminals mimicked popular mobile platforms to conduct phishing attacks. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Police…

Read more →

German authorities have seized the leak site used by a ransomware group known as “Vanir” in a move to disrupt their operations. The site was used to post information about victims, including a German company. This article has been indexed…

Read more →

These vulnerabilities can lead to remote code execution and privilege escalation, posing a significant risk to affected systems. For example, the Oracle JDeveloper vulnerability can allow attackers to compromise the software and take over the system. This article has been…

Read more →

Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Datadog Security Labs recently revealed a security risk within Microsoft Entra ID, showing how its administrative units (AUs) can be weaponized by attackers to create persistent backdoor access. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

These exchanges allowed users to trade cryptocurrencies anonymously, creating a safe environment for cybercriminals to launder their proceeds without fear of prosecution. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Germany Seizes…

Read more →

A sophisticated campaign is using GitHub repositories to spread the Lumma Stealer malware, targeting users interested in open-source projects or receiving email notifications from them. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Hackers are distributing a popular crypto-miner via malicious email auto-replies, as per researchers. They compromised email accounts to send innocent automatic replies with links to crypto-mining malware, specifically XMRig. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Acronis Backup Plugins have been affected by a critical security flaw, CVE-2024-8767 (CVSS 9.9). The vulnerability impacts Linux-based plugins for cPanel & WHM, Plesk, and DirectAdmin, potentially leading to data breaches and unauthorized operations. This article has been indexed from…

Read more →

Cybersecurity researchers at Darktrace have discovered cybercriminals exploiting Fortinet’s FortiClient EMS. The attackers targeted a critical vulnerability, CVE-2023-48788, to gain unauthorized access through an SQL injection flaw. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The attribution of the Raptor Train botnet to a Chinese nation-state actor is based on various factors, including operational timelines, targeting sectors aligned with Chinese interests, and the use of the Chinese language. This article has been indexed from Cyware…

Read more →

These counterfeit CAPTCHA tests prompt users to execute seemingly harmless commands, which actually lead to the installation of the dangerous Lumma Stealer malware on Windows devices. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The CISA has directed federal agencies to remove Flash Player by October 8, 2024, to safeguard sensitive data and critical operations. Adobe officially ended Flash Player support in 2020, recognizing its security risks. This article has been indexed from Cyware…

Read more →

In this campaign aimed at the APAC region, Earth Baxia used a new backdoor named EAGLEDOOR, which supports multiple communication protocols for information gathering and payload delivery. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Microsoft has confirmed CVE-2024-37985 as a zero-day bug in Windows with a CVSS score of 5.9. It is a Windows Kernel information disclosure vulnerability, allowing attackers to access heap memory from a privileged process on a vulnerable server. This article…

Read more →

Ransomware groups such as BianLian and Rhysida are now exploiting Microsoft Azure tools like Storage Explorer and AzCopy to steal data from compromised networks and store it in Azure Blob storage. This article has been indexed from Cyware News –…

Read more →

Security researcher Sina Kheirkhah has published a PoC exploit for CVE-2024-40711 in Veeam Backup & Replication, a critical vulnerability with a CVSS score of 9.8. The flaw allows unauthenticated RCE, posing a threat to enterprise environments. This article has been…

Read more →

GitLab has released a critical security patch for the CVE-2024-45409 vulnerability (CVSS 10). It impacts both GitLab Community Edition (CE) and Enterprise Edition (EE) and originates from the Ruby-SAML library used for SAML authentication. This article has been indexed from…

Read more →

Approximately nine percent of tested firmware images use non-production cryptographic keys that are publicly known, making Secure Boot devices vulnerable to UEFI bootkit malware attacks. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The CISA and the FBI recommended software developers to implement rigorous validation, sanitization, and input escaping to prevent malicious script injections and data manipulation. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Red Hat OpenShift, a popular hybrid cloud platform with robust security features, is facing two critical vulnerabilities: CVE-2024-45496 (CVSS 9.9) and CVE-2024-7387 (CVSS 9.1). This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Prosecutors allege that Chinese national Wu Song targeted US academics and engineers to obtain applications used in aerospace engineering and fluid dynamics, which could be used for developing missiles and weapons. This article has been indexed from Cyware News –…

Read more →

The vulnerability was related to the undocumented Salesforce Aura API and SOQL subqueries, allowing a blind SOQL injection attack to retrieve customer information, including personally identifiable information (PII). This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Valid account abuse remains a top entry point for critical infrastructure attacks, with the CISA reporting that 2 in 5 successful intrusions last year were attributed to this method. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Cybersecurity firm Huntress reported that attackers search for publicly accessible installations of Foundation software on the internet and then attempt to gain administrative access by trying combinations of default usernames and passwords. This article has been indexed from Cyware News…

Read more →

Two critical vulnerabilities, CVE-2024-8503 (SQL Injection) and CVE-2024-8504 (Privilege Escalation), have been uncovered in the VICIdial Contact Center Suite, posing a major risk for call centers globally. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

EchoStrike features an interactive Python wizard for easy customization, various persistence techniques, binary padding for evasion, AES payload encryption, and dynamic binary download. This article has been indexed from Cyware News – Latest Cyber News Read the original article: EchoStrike:…

Read more →

This critical flaw, actively exploited in the wild, allows attackers to elevate privileges to SYSTEM level, posing a significant risk to organizations using Microsoft’s Hyper-V virtualization technology. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The US has imposed further sanctions on Intellexa, the maker of the Predator spyware, targeting individuals and entities associated with the company due to its opaque corporate structure designed to evade accountability. This article has been indexed from Cyware News…

Read more →

23andMe has pledged $30 million to compensate the 6.4 million people affected by a data breach in October 2023. The breach occurred when a hacker used stolen credentials to access a significant amount of account information, including health data. This…

Read more →

The vulnerability, tracked as CVE-2022-46723, enables attackers to manipulate files within the macOS Calendar app environment and execute remote code during system upgrades. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Zero-Click…

Read more →

The malicious software called ClipBankers can monitor clipboard activity and replace cryptocurrency addresses with those controlled by attackers, diverting digital asset transfers to rogue wallets. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

A critical vulnerability, CVE-2024-6091 (CVSS 9. 8), has been found in AutoGPT, a popular AI tool with over 166,000 projects at risk. The flaw allows for OS Command Injection, potentially enabling unauthorized actions. This article has been indexed from Cyware…

Read more →

D-Link has addressed critical vulnerabilities in three popular WiFi 6 router models, fixing issues that could allow remote attackers to run arbitrary code or access devices with hardcoded credentials. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Metabase Q, an IT cybersecurity management company based in San Francisco, has raised $11M in its Series A extension funding. Backers include SYN Ventures and John Watters. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Western cybercriminals in online groups, like Scattered Spider, target vulnerable teens, pushing them towards harm and violence. The Com, a cybercriminal network, fosters extortion and violence among its members. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Strider Technologies has secured $55 million in Series C funding to bolster its artificial intelligence research, expand into the government sector, and support global growth. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

A recent WooCommerce skimming attack used a creative method to steal credit card details by hiding malicious code within style tags and embedding a fake payment overlay in an image file disguised as a favicon. This article has been indexed…

Read more →

Although Indodax did not confirm the exact amount stolen, reports suggest $22 million. The company warned users about potential scammers taking advantage of the situation. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Threat actors are infecting publicly exposed Selenium Grid servers to utilize victims’ internet bandwidth for cryptomining, proxyjacking, and potentially more harmful activities. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Hackers Target…

Read more →

A recently patched Windows vulnerability, identified as CVE-2024-43461, was exploited by the Void Banshee APT hacking group in zero-day attacks to install information-stealing malware. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Mandiant’s report highlights the escalating cyber threats facing Mexico, with a rise in global espionage and local cybercrime targeting individuals and businesses. Since 2020, cyber espionage groups from over 10 countries have targeted Mexican firms. This article has been indexed…

Read more →

The FCC is seeking volunteers to serve as administrators for a new cybersecurity labeling program, allowing consumers to identify products less vulnerable to cyberattacks. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

A recent report by Xavier Mertens, a Senior ISC Handler and cybersecurity consultant, highlights a concerning trend where cybercriminals are increasingly using legitimate Python libraries for malicious activities. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Nonhuman identity and access management company Aembit Inc. has secured $25 million in funding to enhance its solutions. The Series A funding round was led by Acrew Capital. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

GitLab released updates covering versions 17.1.7, 17.2.5, and 17.3.2 for GitLab Community Edition (CE) and Enterprise Edition (EE), addressing a total of 18 security issues. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

In a newly uncovered advanced malware campaign, threat actors are using a complex, fileless approach to deliver the Remcos Remote Access Trojan (RAT), leveraging a benign-looking Excel document as the attack vector. This article has been indexed from Cyware News…

Read more →

A recent congressional investigation revealed that Chinese-made port cranes in the United States contained hidden modems that could provide unauthorized access to the machines. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Users of Citrix Workspace App are advised to update due to two privilege escalation flaws. Cloud Software Group disclosed vulnerabilities (CVE-2024-7889 & CVE-2024-7890) in the Windows app, allowing attackers to gain high-level access. This article has been indexed from Cyware…

Read more →

Trend Micro researchers uncovered remote code execution attacks targeting Progress Software’s WhatsUp Gold using the vulnerabilities tracked as CVE-2024-6670 and CVE-2024-6671. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Update: Protecting Against…

Read more →

The Vo1d malware campaign targets specific Android firmware versions like Android 7.1.2 and Android 10.1. The malware modifies system files to launch itself on boot and persist on the device. This article has been indexed from Cyware News – Latest…

Read more →