Tag: Cyware News – Latest Cyber News

Critical Severity Flaw Exposes Siemens Industrial Systems

This flaw, tracked as CVE-2024-35783 and with a CVSS score of 9.4, affects SIMATIC Process Historian, PCS 7, and WinCC, allowing attackers to gain elevated privileges and execute arbitrary commands. This article has been indexed from Cyware News – Latest…

SolarWinds Reveals RCE Flaw in Access Rights Manager

SolarWinds has disclosed two vulnerabilities in their Access Rights Manager (ARM) software: CVE-2024-28990 (CVSS 6. 3) allows for a hardcoded credential authentication bypass, while CVE-2024-28991 (CVSS 9. 0) enables remote code execution. This article has been indexed from Cyware News…

Two Critical RCE Flaws Discovered in Docker Desktop

Two critical remote code execution (RCE) flaws, identified as CVE-2024-8695 and CVE-2024-8696, have been uncovered in Docker Desktop, a popular tool for containerized application development. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Inc Ransom Attack Analysis: Extortion Methodologies

The attack lifecycle involved initial access gained through a firewall vulnerability, followed by enumeration of network shares and lateral movement using Impacket and pass-the-hash attacks. This article has been indexed from Cyware News – Latest Cyber News Read the original…

India Needs Better Cybersecurity for Space Systems

Dr. Sreedhara Panicker Somanath, chairman of the Indian Space Research Organization, emphasized the importance of cybersecurity for the entire system during the recent inauguration of a cybersecurity training center. This article has been indexed from Cyware News – Latest Cyber…

Cybersecurity is a Fundamental Component of Patient Care and Safety

A multipronged cybersecurity approach is necessary for the healthcare sector, involving technology investments, staff training, and collaboration between stakeholders to develop industry-wide standards and best practices. This article has been indexed from Cyware News – Latest Cyber News Read the…

Microsoft Discloses Four Zero-Days in September Update

Microsoft recently revealed four zero-day vulnerabilities in its September update, part of the Patch Tuesday release containing 79 vulnerabilities, making it the fourth-largest release of the year. This article has been indexed from Cyware News – Latest Cyber News Read…

Exploiting CI/CD Pipelines for Fun and Profit

On September 8, 2024, a significant exploit chain was discovered, starting from a publicly exposed . git directory, leading to a full server takeover. The vulnerabilities stem from websites exposing their . git folders. This article has been indexed from…

Tech Stack Uniformity has Become a Systemic Vulnerability

By recognizing the importance of diversity in technology stacks and incorporating it into security protocols and incident response plans, companies can proactively protect their infrastructure and reduce the likelihood of catastrophic events. This article has been indexed from Cyware News…

OpenZiti: Secure, Open-Source Networking for Your Applications

OpenZiti is an open-source networking project that embeds zero-trust principles directly into applications, offering features like strong identity, mTLS, E2EE, private DNS, and smart routing. This article has been indexed from Cyware News – Latest Cyber News Read the original…

FBI Report Says Cryptocurrency Scams Surged in 2023

According to an FBI report, cryptocurrency scams surged in 2023, leading to victims reporting $5. 6 billion in financial losses associated with crypto schemes, a 45% increase from the previous year. This article has been indexed from Cyware News –…

Earth Preta Upgrades Attack Strategy via Removable Drives

The HIUPAN worm allows Earth Preta to propagate malware into networks via removable drives, maintaining persistence by modifying registry values and creating autorun entries. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Gallup Poll Bugs Open Door to XSS Attacks

Checkmarx researchers discovered two XSS vulnerabilities on Gallup’s polling site, which could allow attackers to access sensitive data, execute arbitrary code, or take over accounts. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Experts Demonstrate How to Bypass WhatsApp View Once Feature

This flaw affects the browser-based web app, enabling recipients to save pictures and videos that should disappear after being viewed. While the app prohibits users from taking screenshots, this bug circumvents that protection. This article has been indexed from Cyware…

German Cyber Agency Investigating APT28 Phishing Campaign

The German cyber agency is investigating a phishing campaign linked to Russian state hackers APT28, who mimicked a well-known think tank’s website. The hackers created a fake domain resembling the Kiel Institute for the World Economy. This article has been…

CISA Flags ICS Bugs in Baxter, Mitsubishi Products

CISA has identified vulnerabilities in industrial control system products from Baxter and Mitsubishi that are commonly used in healthcare and critical manufacturing sectors. Both the firms have released advisories with mitigation measures. This article has been indexed from Cyware News…

Underground Demand for Malicious LLMs is Robust

The underground market for malicious large language models (LLMs) is thriving, according to researchers from Indiana University Bloomington. They found 212 malicious LLMs for sale from April through September 2024. This article has been indexed from Cyware News – Latest…

New RAMBO Attack Steals Data Using RAM in Air-Gapped Computers

The attack involves malware manipulating the computer’s RAM to emit controlled electromagnetic radiation that can transmit data to nearby recipients. The attack, created by Israeli researchers, leverages memory access patterns to modulate the RAM. This article has been indexed from…

Critical GeoServer Flaw Enabling Global Hack Campaigns

The flaw in GeoServer, tracked as CVE-2024-36401 and with a CVSS score of 9.8, was swiftly capitalized on by hackers who launched campaigns using botnet families and cryptominers to spread malicious tools like Goreverse, a reverse proxy server. This article…

LummaC2 Stealer and Malicious Chrome Extension Wreak Havoc

This attack begins with victims unknowingly downloading a malicious ZIP archive containing an installer file that sideloads a malicious DLL. This DLL then downloads the LummaC2 Stealer and a PowerShell script from a command-and-control server. This article has been indexed…

Unmasking PackXOR: The FIN7 Packer Exposed

Despite its connection to FIN7, other threat actors have also employed PackXOR to distribute payloads like XMRig cryptominer and R77 rootkit, often in conjunction with SilentCryptoMiner. This article has been indexed from Cyware News – Latest Cyber News Read the…

Absolute Purchases Syxsense to Tackle Cyber Vulnerabilities

Absolute Security has acquired Syxsense, an endpoint and vulnerability management provider, to enhance its cyber resilience platform. The acquisition aims to simplify patching and remediation through automated workloads. This article has been indexed from Cyware News – Latest Cyber News…

Feds Warn Health Sector to Patch Apache Tomcat Flaws

The Department of Health and Human Services’ Health Sector Cybersecurity Coordination Center highlighted the ongoing discovery of vulnerabilities in Tomcat that pose a risk to organizations. This article has been indexed from Cyware News – Latest Cyber News Read the…

Fog Ransomware Now Targeting the Financial Sector

Fog, a variant of STOP/DJVU family, targets various sectors, exploiting VPN vulnerabilities to infiltrate network defenses. After infiltration, Fog ransomware disables protective measures, encrypts vital files, and demands ransom via the Tor network. This article has been indexed from Cyware…

MuddyWater Hijacks RMM Software for Espionage

MuddyWater, an Iranian hacker group since 2017, has been using legitimate RMM software to target organizations globally, focusing on government, military, telecom, and oil sectors. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Goffloader: In-Memory Execution, No Disk Required

Praetorian has uncovered GoffLoader, an in-memory execution tool that allows security professionals to run BOF and unmanaged Cobalt Strike PE files directly in memory without writing to disk. This article has been indexed from Cyware News – Latest Cyber News…

Respotter: Open-Source Responder Honeypot

Respotter is an open-source honeypot designed to detect attackers when they launch Responder within your environment. This application identifies active instances of Responder by exploiting its behavior when responding to any DNS query. This article has been indexed from Cyware…

Malvertising Campaign Phishes Lowe’s Employees

The fake landing pages closely mimicked the real Lowe’s portal, prompting employees to enter their sales numbers, passwords, and security question answers, which then were sent to attackers. This article has been indexed from Cyware News – Latest Cyber News…

Critical Vulnerability Discovered in Progress LoadMaster

Progress Software has alerted users to a critical vulnerability (CVE-2024-7591) in its LoadMaster ADC and load balancer solution. The flaw, with a CVSS score of 10, allows remote attackers to execute system commands without authentication. This article has been indexed…

Head Mare Hacktivist Group Targets Russia and Belarus

The group, active since at least 2023, exclusively targets companies in these countries. They use modern techniques to gain initial access to systems, primarily through phishing emails with custom malware like PhantomDL and PhantomCore. This article has been indexed from…