The head of Britain’s domestic intelligence agency warned the country’s leading research universities on Thursday that foreign states are targeting their institutions and imperiling national security. This article has been indexed from Cyware News – Latest Cyber News Read the…
Tag: Cyware News – Latest Cyber News
Report: 73% of SME Security Professionals Missed or Ignored Critical Alerts
IT staff at SMEs is overwhelmed by the complexity and demands of managing multiple tools in their security stack, leading them to miss critical severity events and weaken their company’s security posture, according to Coro.
DHS Announces AI Safety Board with OpenAI Founder, CEOs of Microsoft, Nvidia, IBM
Members will include representatives of tech companies, critical infrastructure entities, academia, and government agencies, as well as “leaders in the civil rights, civil liberties, and privacy communities,” DHS Secretary Alejandro Mayorkas said.
Know-Your-Customer Executive Order Facing Stiff Opposition From Cloud Industry
A controversial executive order that would require U.S. cloud companies to closely monitor the identities of their customers will move one step closer to the finish line next week amid opposition from the industry.
Most People Still Rely on Memory or Pen and Paper for Password Management
A Bitwarden survey showed that 25% of respondents globally reuse passwords across 11-20+ accounts, and 36% admit to using personal information in their credentials publicly accessible on social media (60%) platforms and online forums (30%).
Palo Alto Updates Remediation for Max-Critical Firewall Bug
The vulnerability, tracked as CVE-2024-3400, has a CVSS score of 10 out of 10, and can allow an unauthenticated threat actor to execute arbitrary code with root privileges on the firewall device, according to the update.
Japanese police create fake support scam payment cards to warn victims
The cards are labeled “Virus Trojan Horse Removal Payment Card” and “Unpaid Bill Late Fee Payment Card,” and were created by the Echizen Police in the Fukui prefecture in Japan as an alert mechanism.
Analysis of Native Process CLR Hosting Used by AgentTesla
The initial infection vector is a Word document that downloads and executes a 64-bit Rust-compiled binary. This binary then downloads an encoded shellcode containing the AgentTesla payload.
US Post Office Phishing Sites Get as Much Traffic as the Real One
Security researchers analyzing phishing campaigns that target United States Postal Service (USPS) saw that the traffic to the fake domains is typically similar to what the legitimate site records and it is even higher during holidays.
Thousands of Qlik Sense Servers Open to Cactus Ransomware
Nearly five months after security researchers warned of the Cactus ransomware group leveraging a set of three vulnerabilities in Qlik Sense data analytics and BI platform, many organizations remain dangerously vulnerable to the threat.
FBI: Fraudsters Using Fake Online Dating Verification Apps to Scam Lovers
The FBI published a warning on Friday about the scam, noting that it was akin to an offshoot of romance scams and pig butchering schemes that have proliferated in recent years.
Zero-Day from 2017 Used Along With Cobalt Strike Loader in Unholy Alliance
The operation involves a malicious PPSX file that drops a custom loader for the Cobalt Strike Beacon malware. The loader employs various techniques to slow down analysis and bypass security solutions.
New Brokewell Malware Takes Over Android Devices, Steals Data
The malware is delivered through a fake Google Chrome update that is shown while using the web browser. Brokewell is under active development and features a mix of extensive device takeover and remote control capabilities.
Godfather Banking Trojan Spawns 1.2K Samples Across 57 Countries
First discovered in 2022, Godfather — which can record screens and keystrokes, intercepts 2FA calls and texts, initiates bank transfers, and more — has quickly become one of the most widespread malware-as-a-service offerings in cybercrime.
Researchers Found 18 Vulnerabilities in Brocade SANnav
Three of the vulnerabilities could allow an attacker to send malicious data, intercept credentials sent in clear text, and potentially compromise the entire Fibre Channel infrastructure.
Autodesk Hosting PDF Files Used in Microsoft Phishing Attacks
Researchers discovered a sophisticated phishing campaign that is using compromised email accounts and Autodesk’s file sharing platform to steal Microsoft login credentials from victims.
ThreatLocker Raises $115M in Series D Funding
The round was led by existing investor General Atlantic, with participation from other major investors StepStone Group and the D. E. Shaw group. The company intends to use the funds to drive product innovation and accelerate its global expansion.
Researchers Sinkhole PlugX Malware Server With 2.5 Million Unique IPs
Researchers have sinkholed a command and control server for a variant of the PlugX malware and observed in six months more than 2.5 million connections from unique IP addresses.
Attackers Leverage Black Hat SEO Techniques to Distribute Info-Stealer Malware
Threat actors utilize fraudulent websites hosted on popular legitimate platforms to spread malware and steal data. To evade detection, attackers employ obfuscation methods and checks on referral URLs.
Vulnerabilities in Microsoft’s PlayReady DRM Could Enable Illegal Movie Downloads From Streaming Services
The research identified deficiencies in various PMP components that could be exploited to gain access to plaintext content keys guarded by PlayReady DRM in Windows 10/11 environments.
Ring Customers Get $5.6 Million in Privacy Breach Settlement
The FTC is sending $5.6 million in refunds to Ring users whose private video feeds were accessed without consent by Amazon employees and contractors, or had their accounts and devices hacked because of insufficient security protections.
Report: Security Leaders Braced for Daily AI-Driven Attacks by Year-End
Most businesses are concerned about AI-enabled cyber-threats, with 93% of security leaders expecting to face daily AI-driven attacks by the end of 2024, according to a new report by Netacea.
ArcaneDoor Hackers Exploit Cisco Zero-Days to Breach Government Networks
The hackers, identified as UAT4356 by Cisco Talos and STORM-1849 by Microsoft, began infiltrating vulnerable edge devices in early November 2023 in a cyber-espionage campaign tracked as ArcaneDoor.
Feds Accuse Founders of Cryptocurrency Mixer of ‘Large-Scale Money Laundering’
The two founders of a cryptocurrency mixing service that allegedly obfuscated the origins of at least $100 million in criminal proceeds have been arrested, the Department of Justice announced Wednesday.
Maximum Severity Flowmon Bug has a Public Exploit, Patch Now
Flowmon developer Progress Software first alerted about the flaw on April 4, warning that it impacts versions of the product v12.x and v11.x. The company urged system admins to upgrade to the latest releases, v12.3.4 and 11.1.14.
CISA Warns of Cisco and CrushFTP Vulnerabilities Being Actively Exploited
On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added two Cisco product vulnerabilities — CVE-2024-20353 and CVE-2024-20359 — as well as one vulnerability affecting popular file transfer tool CrushFTP.
Google Meet opens client-side encrypted calls to non Google users
Google announced it is updating the client-side encryption mechanism for Google Meet to allow external participants, including those without Google accounts, to join encrypted calls.
Chinese, Russian Espionage Campaigns Increasingly Targeting Edge Devices
Chinese and Russian hackers have turned their focus to edge devices — like VPN appliances, firewalls, routers and Internet of Things (IoT) tools — amid a startling increase in espionage attacks, according to Google security firm Mandiant.
Security Bugs in a Popular Phone-Tracking App Exposed Users’ Precise Locations
A security researcher discovered vulnerabilities in the popular phone-tracking app iSharing, which has over 35 million users. The bugs allowed a user to access others’ precise coordinates, even if the user wasn’t actively sharing their location data.
Google Ad for Facebook Redirects to Scam
Researchers observed a malicious ad campaign targeting Facebook users via Google search. The ad, which appears at the top of Google search results for the keyword “Facebook,” redirects users to a scam page.
Iran Dupes US Military Contractors, Gov’t Agencies in Cyber Campaign
An Iranian state-sponsored hacking group successfully infiltrated hundreds of thousands of employee accounts at US companies and government agencies, including the US Treasury and State Department, as part of a five-year cyber espionage campaign.
Report: Attacker Dwell Time Down, Ransomware up in 2023
According to a new report by Mandiant, which is based on Mandiant Consulting investigations during 2023, the global median dwell time for attackers fell to its lowest point since the company began tracking the metric in 2011.
Major Security Flaws Expose Keystrokes of Over One Billion Chinese Keyboard App Users
The vulnerabilities could be exploited to “completely reveal the contents of users’ keystrokes in transit,” researchers Jeffrey Knockel, Mona Wang, and Zoë Reichert said.
Hackers Publish Fake Story About Ukrainians Attempting To Assassinate Slovak President
An unidentified attacker hacked a Czech news service’s website and published a fake story on Tuesday claiming that an assassination attempt had been made against the newly elected Slovak president Petr Pellegrini.
Report: Fifth of UK Companies Admit Staff Leaked Data via GenAI
One in five UK companies has experienced sensitive corporate data exposure due to employees’ use of generative AI (GenAI), according to a report by cybersecurity services provider RiverSafe.
US Gov Slaps Visa Restrictions on Spyware Honchos
The US State Department is imposing visa restrictions on 13 people involved in the development and sale of commercial spyware, as well as their spouses and children. The State Department can deny these people entrance to the United States.
Veeam Acquires Coveware to Boost its Ransomware Protection Capabilities
Veeam Software announced the acquisition of Coveware, a provider of cyber-extortion incident response. It brings ransomware recovery and first responder capabilities to further strengthen Veeam’s radical resilience solutions for customers.
FTC Commercial Surveillance Rules Could Arrive Within Months, Sources Say
According to two sources familiar with the FTC’s plans, the rules will emphasize data security and data minimization, or the idea that companies should only collect the data they need to conduct business with consumers and delete it when concluded.…
North Korean Hackers Targeted Dozens of South Korean Defense Companies
Local reports claimed that the hackers targeted as many as 83 defense contractors and subcontractors, and managed to steal sensitive information from 10 of them between October 2022 and July 2023, although the campaign lasted over a year.
US Treasury Sanctions Iranians Linked to Government Cyberattacks
The Treasury Department’s Office of Foreign Assets Control (OFAC) has sanctioned four Iranian nationals for their involvement in cyberattacks against the U.S. government, defense contractors, and private companies.
Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
Siemens is urging organizations using its Ruggedcom APE1808 devices configured with Palo Alto Networks (PAN) Virtual NGFW to implement workarounds for a maximum severity zero-day bug that PAN recently disclosed in its next-gen firewall product.
Swedish Signals Intelligence Agency to Take Over National Cybersecurity Center
After failing to achieve “expected results,” Sweden’s National Cyber Security Center (NCSC) is facing a range of reforms, including being brought under the control of the country’s cyber and signals intelligence agency.
People Doubt Their Own Ability to Spot AI-Generated Deepfakes
The actual number of people exposed to political and other deepfakes is expected to be much higher given many Americans are not able to decipher what is real versus fake, thanks to the sophistication of AI technologies.
Pentagon Launches DIB Vulnerability Disclosure Program
The DIB Vulnerability Disclosure Program (DIB-VDP), a joint venture between the DoD Cyber Crime Center (DC3), the Defense Counterintelligence and Security Agency (DCSA), and HackerOne, will bring better vulnerability disclosure practices to the DIB.
Study: GPT-4 Agent can Exploit Unpatched Vulnerabilities
Academics at a U.S. university found that if you feed a GPT-4 artificial intelligence agent public security advisories, it can exploit unpatched “real-world” vulnerabilities without precise technical information.
GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining
The GuptiMiner malware campaign, discovered by Avast, involved hijacking an eScan antivirus update mechanism to distribute backdoors and coinminers. The campaign was orchestrated by a threat actor with possible ties to Kimsuky.
CISA to Issue List of Software Products Critical to Agency Security by End of September
The Cybersecurity and Infrastructure Security Agency is targeting a September 30 deadline to give federal agencies a list of example software products deemed critical for the federal government’s cyber posture.
Fraudsters Exploit Telegram’s Popularity for Toncoin Scam
The perpetrators attract unsuspecting Telegram users through a referral system, enticing them with promises of an “exclusive earning program” shared via contacts in their network.
Microsoft Warns of North Korean Hackers Turning to AI-Fueled Cyber Espionage
Microsoft specifically highlighted a group named Emerald Sleet (aka Kimsuky or TA427), which has been observed using LLMs to bolster spear-phishing efforts aimed at Korean Peninsula experts.
Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar
A phishing campaign exploiting a bug in Nespresso’s website has been able to evade detection by taking advantage of security tools that fail to look for malicious nested or hidden links.
HHS Beefs Up Privacy Protection for Reproductive Health Info
Doctors, clinics and other providers are prohibited from disclosing protected health information related to lawful reproductive healthcare, according to a final rule released Monday by federal regulators to “strengthen” HIPAA privacy.
Russian Sandworm Hackers Targeted 20 Critical Organizations in Ukraine
CERT-UA reports that in March 2024, APT44 conducted operations to disrupt information and communication systems at energy, water, and heating suppliers in 10 regions of Ukraine.
Behavioral Patterns of Ransomware Groups are Changing
The ransomware landscape has undergone significant changes in Q1 2024, with major shifts in the behavior of Ransomware-as-a-Service (RaaS) groups, according to GuidePoint Security’s GRIT Q1 2024 Ransomware Report.
GitLab Affected by GitHub-Style CDN Flaw Allowing Malware Hosting
Similar to a recently reported issue in GitHub, users can abuse the “comments” feature in GitLab to upload malware to any repository without the repository owner’s knowledge.
Feds Issue Guide for Change Health Breach Reporting Duties
HHS’ Office for Civil Rights in new “frequently asked questions” guidance issued Friday night said it has not yet received breach reports from Change Healthcare, UHG, or any other affected covered entities pertaining to the incident.
Cloud Console Cartographer: Open-Source Tool Helps Security Teams Transcribe Log Activity
Cloud Console Cartographer is an open-source tool that maps noisy log activity into highly consolidated, succinct events to help security practitioners cut through the noise and understand console behavior in their environment.
Majority of Businesses Worldwide are Implementing Zero Trust, Gartner Finds
Almost two-thirds of organizations across the globe have either fully or partially implemented zero-trust strategies, according to a report released Monday by Gartner based on a survey of 303 security leaders.
GitHub Comments Abused to Push Malware via Microsoft Repository URLs
A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy.
Uncertainty is the Most Common Driver of Noncompliance
Most compliance leaders tend to focus on building an ethical culture in their organizations to improve employee behavior, but it has a limited impact on addressing uncertainty about how to be compliant, according to a survey by Gartner.
Cyber Insurance Gaps Stick Firms With Millions in Uncovered Losses
The majority of companies, 4 in 5, have suffered a cyberattack that wasn’t fully covered under their cyber insurance policy, according to an analysis by cyber risk quantification firm CYE.
Researchers Warn Windows Defender Attack can Delete Databases
Researchers at US-Israeli infosec outfit SafeBreach recently discussed flaws in Microsoft and Kaspersky endpoint security products that can potentially allow the remote deletion of files.
Sharp Stealer: New Info-stealer Malware Targets Gamers, Crypto Enthusiasts
The malware does not try to hide its presence in the system from antivirus programs and has not gained much popularity in the underground yet, indicating that it is a new player in the market.
From Water to Wine: An Analysis of WINELOADER
A recent malware campaign used weaponized ZIP files to distribute the WINELOADER malware. The attackers send phishing emails with ZIP attachments that, when extracted, execute a PowerShell script to download and install the malware.
Malicious PyPI Package Attacking Discord Users to Steal Credentials
A malicious PyPI package named “discordpy_bypass-1.7” was detected on March 12, 2024. This package is designed to extract sensitive information from user systems using a blend of persistence techniques, browser data extraction, and token harvesting.
Malware Developer Lures Child Exploiters Into Honeytrap to Extort Them
Threat actors created a website to impersonate UsenetClub, a subscription service for “uncensored” access to images and videos downloaded from Usenet. They claimed to provide free access to the site after the installation of a “CryptVPN” software.
UK Cyber Agency NCSC Announces Richard Horne as its Next Chief Executive
The hire marks another coup for the British public sector in poaching talent from the technology industry, particularly at the executive level, following the recruitment of Ollie Whitehouse as the NCSC’s chief technology officer earlier this year.
Ukrainian Soldiers’ Apps Increasingly Targeted for Spying, Cyber Agency Warns
The agency is attributing the surge to a group tracked as UAC-0184, which was spotted in February targeting an unnamed Ukrainian entity in Finland. CERT-UA does not attribute UAC-0184’s activity to any specific foreign cyber threat group.
Researchers Find Dozens of Fake E-Zpass Toll Websites After FBI Warning
Researchers from cybersecurity firm DomainTools told Recorded Future News that they have found nearly 30 newly created domains related to tolls, 15 of which have a “high chance of being weaponized for phishing, malware, or spam.”
Report: 51% of Enterprises Experienced a Breach Despite Large Security Stacks
Threat actors are continuing to successfully breach across the entire attack surface. Around 93% of enterprises who admitted a breach reported unplanned downtime, data exposure, or financial loss as a result, according to a survey by Pentera.
Critical Flaw in the Forminator Plugin Impacts Hundreds of Thousands of WordPress Sites
Japan’s CERT warned that the WordPress plugin Forminator, developed by WPMU DEV, is affected by multiple vulnerabilities, including a flaw that allows unrestricted file uploads to the server.
Rising Ransomware Issue: English-Speaking Western Affiliates
Security experts say Western teenagers comprise a number of active affiliate groups, many with ties to the cybercrime community that calls itself “The Community,” aka the Com or Comm.
JavaScript Malware Switches to Server-Side Redirects and Uses DNS TXT Records as TDS
A malware campaign was found injecting malicious JavaScript code into compromised WordPress sites to redirect site visitors to VexTrio domains, specifically using dynamic DNS TXT records of the tracker-cloud[.]com domain to obtain redirect URLs.
NATO to Launch New Cyber Center to Contest Cyberspace ‘At All Times’
The new facility, details about which have not previously been reported, marks the fruition of a significant doctrinal shift in how the alliance approaches operations in cyberspace.
HelloKitty Ransomware Rebrands, Releases CD Projekt and Cisco Data
An operator of the HelloKitty ransomware operation announced they changed the name to ‘HelloGookie,’ releasing passwords for previously leaked CD Projekt source code, Cisco network information, and decryption keys from old attacks.
Jury Dishes Out Guilty Verdict in Mango Markets Fraud Case
A New York federal jury found a hacker guilty of all charges that he masterminded and carried out a scheme to fraudulently obtain $110 million from cryptocurrency exchange Mango Markets and investors.
CrushFTP Warns Users to Patch Exploited Zero-Day “Immediately”
As the company also explains in a public security advisory published on Friday, this zero-day bug enables unauthenticated attackers to escape the user’s virtual file system (VFS) and download system files.
Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware
In a briefing at Black Hat Asia, Shmuel Cohen, security researcher at SafeBreach, described how he not only reverse-engineered and cracked into the company’s signature Cortex product but also weaponized it to deploy a reverse shell and ransomware.
Fake Cheat Lures Gamers Into Spreading Infostealer Malware
A new info-stealing malware linked to Redline poses as a game cheat called ‘Cheat Lab,’ promising downloaders a free copy if they convince their friends to install it too.
NSA Shares Best Practices for Secure AI Systems
The guidance offers a wide range of best practices, including that organizations adopt a zero trust mindset, actively monitor the AI model’s behavior, and require the primary developer of the AI system to provide a threat model for their system.…
Dark Web Sales Driving Major Rise in Credential Attacks
A rise in infostealer malware attacks over the past three years has enabled cybercriminal groups to turn credential stealing into a major money-making business, paving the way for new entrants in the field and sophisticated hacking techniques.
Hacking the Floodgates: US Dams Face Growing Cyber Threats
Could a hacker seize control of America’s dams, unleashing floods and chaos across vulnerable communities? Cybersecurity analysts and leading lawmakers warn it’s possible.
Google Ad Impersonates Whales Market to Push Wallet Drainer Malware
A legitimate-looking Google Search advertisement for the crypto trading platform ‘Whales Market’ redirects visitors to a wallet-draining phishing site that steals all of your assets.
Ransomware Victims Who Pay a Ransom Drops to Record Low
That downward trend comes thanks to “enterprises large and small” being “increasingly able to withstand an encryption attack, and restore their operations without the need for a threat actor decryption key,” Coveware said.
Cybercriminals Pose as LastPass Staff to Hack Password Vaults
The attacker combines multiple social engineering techniques that involve contacting the potential victim (voice phishing) and pretending to be a LastPass employee trying to help with securing the account following unauthorized access.
92% of Enterprises Unprepared for AI Security Challenges
Most industries continue to run almost two or more months behind in patching software vulnerabilities, endpoints remain vulnerable to threats, and most enterprise PCs must be replaced to support AI-based technologies, according to a new report.
Damn Vulnerable RESTaurant: Open-Source API Service Designed for Learning
Damn Vulnerable RESTaurant is an open-source project that allows developers to learn to identify and fix security vulnerabilities in their code through an interactive game.
Novel Android Malware Targets Korean Banking Users
A new banking Trojan is targeting Korean users using obfuscation techniques that target the Android manifest, exploit vulnerabilities and take advantage of weaknesses in how Android apps interpret this file.
‘Crude’ Ransomware Tools Proliferating on the Dark Web for Cheap, Researchers Find
Researchers at the intelligence unit at the cybersecurity firm Sophos found 19 ransomware varieties being offered for sale or advertised as under development on four forums from June 2023 to February 2024.
IT and Security Professionals Demand More Workplace Flexibility
The concept of Everywhere Work is now much broader, encompassing where, when, and how professionals get their work done — and flexibility has become a key workplace priority, according to Ivanti.
FIN7 Targets American Automaker’s IT Staff in Phishing Attacks
The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor.
Malvertising Campaign Targeting IT Teams with MadMxShell Backdoor
The backdoor uses techniques such as multiple stages of DLL sideloading and DNS tunneling for command-and-control (C2) communication as a means to evade endpoint and network security solutions, respectively.
Russian Sandworm Hackers Pose as Hacktivists in Water Utility Breaches
In a report today, Mandiant says that Sandworm relied on three main hacktivist-branded Telegram channels named XakNet Team, CyberArmyofRussia_Reborn, and Solntsepek, all operating in parallel and independently of one another.
Moldovan Charged for Operating Botnet Used to Push Ransomware
The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator of a large-scale botnet that infected thousands of computers across the United States.
Armis Buys Cyber Remediation Startup Silk Security for $150M
Armis has purchased a security prioritization and remediation vendor led by a Goldman Sachs veteran to more effectively address vulnerabilities and misconfigurations with AI and automation.
Possible Chinese Hackers Use OpenMetadata for Cryptomining
Hackers who appear to be Chinese are exploiting vulnerabilities in the OpenMetadata platform running as workloads on Kubernetes clusters to download cryptomining software, warns Microsoft.
LockBit Knockoffs and Imposters Proliferate After LockBit 3.0 Builder Leak
Since September 2022, anyone has been able to use the LockBit version 3.0 – aka Black – builder thanks to a key developer leaking it after he fell out with group leader LockBitSupp.
UnitedHealth Expects Up to $1.6B Hit From Change Healthcare Cyberattack This Year
The hit comes from direct response efforts like recovering Change’s clearinghouse platform and paying higher medical costs after its insurance arm suspended some utilization management processes, in addition to the loss of Change’s revenue.
Food and Agriculture Sector Hit with More Than 160 Ransomware Attacks Last Year
In its first annual report, the Food and Agriculture-Information Sharing and Analysis Center (Food and Ag-ISAC) said the industry was the seventh most targeted sector in the country, behind manufacturing, financial services, and others.
Cisco Warns of a Command Injection and Privilege Escalation Flaw in Its IMC
A local, authenticated attacker can exploit the vulnerability, tracked as CVE-2024-20295, to conduct command injection attacks on the underlying operating system and elevate privileges to root.
Ivanti Warns of Critical Flaws in Its Avalanche MDM Solution
Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.