CISA Director Jen Easterly highlighted the importance of not glamorizing threat actors, urging defenders to focus on detecting and responding to malicious tactics rather than being fixated on the threat groups themselves. This article has been indexed from Cyware News…
Tag: Cyware News – Latest Cyber News
Meta Warns of Troll Networks From Russia, Iran Ahead of US Elections
Meta has warned of troll networks originating from Russia and Iran ahead of the US elections. According to a report by Meta, Russia remains the top source of disrupted troll networks on Facebook and Instagram, followed closely by Iran. This…
DDoS Attack Volume Rises, Peak Power Reaches 1.7 Tbps
According to Gcore, the number of DDoS attacks in the first half of 2024 increased by 46% compared to the same period in 2023, reaching a total of 830,000 attacks. The peak attack power also rose to 1.7 terabits per…
Ransomware Attackers Introduce New EDR Killer to Disable Protection on Compromised Hosts
A cybercrime group linked to RansomHub ransomware has been seen using a new EDR-killing tool, named EDRKillShifter, to disable endpoint detection and response software on compromised hosts. This article has been indexed from Cyware News – Latest Cyber News Read…
Google Warns of Iranian Hackers Targeting Affiliates of Both US Presidential Campaigns
Iranian hackers linked to the government of Iran have increased their phishing attacks on high-profile individuals in the U.S. and Israel, including those affiliated with U.S. presidential campaigns, according to Google. This article has been indexed from Cyware News –…
M&A Activity can Amplify Ransomware Insurance Losses, Research Finds
M&A activity can increase ransomware insurance losses, with the severity of claims rising over 400% from 2022 to 2023, according to research by cyber risk company Resilience. This article has been indexed from Cyware News – Latest Cyber News Read…
Ransomware Group Behind Major Indonesian Attack Wears Many Masks
Researchers have linked Brain Cipher to at least three other groups operating under different names. Despite its global reach, the group’s tactics are not particularly sophisticated. This article has been indexed from Cyware News – Latest Cyber News Read the…
An Analysis of Common Malware Loaders
In 2024, loaders were involved in nearly 40% of critical security incidents, with popular ones being SocGholish, GootLoader, and Raspberry Robin, aiming to deliver malware like ransomware, according to Reliaquest. This article has been indexed from Cyware News – Latest…
Highly-Personalized Phishing Campaign Targets Russian Government Dissidents
A spear-phishing campaign targeting Russian government dissidents and Western organizations, attributed to the Russian FSB and threat actor COLDRIVER, uses personalized social engineering tactics to gain access to online accounts. This article has been indexed from Cyware News – Latest…
Massive Cyberattack Hit Central Bank of Iran
A major cyberattack struck the Central Bank of Iran and other Iranian banks, causing disruptions. The incident, reported by Iranian news outlets and Iran International, resulted in the crippling of the banks’ computer systems. This article has been indexed from…
Windows TCP/IP RCE Impacts all Systems with IPv6 Enabled, Patch Now
A critical TCP/IP remote code execution (RCE) vulnerability affecting all Windows systems with IPv6 enabled has been discovered, prompting Microsoft to issue a warning urging users to patch their systems immediately. This article has been indexed from Cyware News –…
South Korea Says DPRK Hackers Stole Spy Plane Technical Data
South Korea’s ruling party, the People Power Party (PPP), has reported that hackers from North Korea have stolen important technical data related to the country’s main battle tank, the K2, as well as its spy planes known as “Baekdu” and…
Ongoing Social Engineering Campaign Refreshes Payloads
Rapid7 identified multiple intrusion attempts by threat actors utilizing social engineering tactics on June 20, 2024. The threat actors use email bombs followed by calls to offer fake solutions, with recent incidents involving Microsoft Teams calls. This article has been…
CryptoCore: Unmasking the Sophisticated Cryptocurrency Scam Operations
The CryptoCore group’s scam operation leverages deepfake technology, hijacked YouTube accounts, and professionally designed websites to trick users into sending cryptocurrencies to scammer wallets. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
FBI Says it is Investigating Purported Trump Campaign Hack
The FBI is investigating a suspected hack of the Trump campaign, following accusations of Iranian involvement. The Trump campaign blames foreign sources and cited a Microsoft report linking Iranian hackers to covert efforts to influence the election. This article has…
Prolific Malvertising Scammer Arrested and Extradited to US to Face Charges
Maxim Silnikau, a Belarusian-Ukrainian cybercriminal dubbed one of the most prolific Russian-speaking hackers by the UK’s NCA, has been arrested in Spain and extradited to the US. This article has been indexed from Cyware News – Latest Cyber News Read…
Update: New Windows SmartScreen Bypass Exploited as Zero-Day Since March
A security loophole in Windows SmartScreen, known as CVE-2024-38213, was exploited by attackers as a zero-day to bypass protection. Microsoft patched this vulnerability during the June 2024 Patch Tuesday. This article has been indexed from Cyware News – Latest Cyber…
How CIOs, CTOs, and CISOs View Cyber Risks Differently
C-suite executives face the challenge of balancing technological innovation with cybersecurity resilience. A report by LevelBlue highlighted the complexities of their roles and the need for strategic cybersecurity approaches. This article has been indexed from Cyware News – Latest Cyber…
Phishing Campaign Poses as Ukraine’s Security Service to Spread ANONVNC Malware
Cybercriminals impersonated the Security Service of Ukraine (SSU) using malicious spam emails to target and infect the systems of Ukrainian government agencies. The attackers successfully distributed AnonVNC malware to over 100 computers. This article has been indexed from Cyware News…
Microsoft Discloses 10 Zero-Day Bugs in Patch Tuesday Update
Microsoft released its August 2024 Patch Tuesday updates, fixing 89 vulnerabilities, including nine zero-days. Among these, six zero-days were actively exploited, while three others were publicly disclosed. A tenth zero-day still remains unpatched. This article has been indexed from Cyware…
Biden Administration Pledges $11 Million to Open Source Security Initiative
The effort, known as the Open-Source Software Prevalence Initiative (OSSPI), aims to identify where open-source software components are being used in sectors like healthcare, transportation, and energy production to enhance national cybersecurity. This article has been indexed from Cyware News…
Feds Seize Radar/Dispossessor Ransomware Gang Servers in US and Europe
Federal authorities have seized servers belonging to the Radar/Dispossessor ransomware gang in the U.S. and Europe. The FBI dismantled dozens of servers linked to the group, which is believed to have ties to the LockBit ransomware enterprise. This article has…
Report: 35% of Exposed API Keys Still Active, Posing Major Security Risks
Nightfall AI’s research found that 35% of exposed API keys were still active, leading to significant security risks. The study uncovered an average of about 350 secrets, including passwords and API keys, exposed per 100 employees annually on GitHub. This…
Critical SAP Flaw Allows Remote Attackers to Bypass Authentication
SAP has released a security patch package for August 2024, addressing 17 vulnerabilities, including a critical authentication bypass flaw (CVE-2024-41730) in the SAP BusinessObjects Business Intelligence Platform. This article has been indexed from Cyware News – Latest Cyber News Read…
Cybercriminal Duo Attracts FBI Notice by Spending Big & Living Large
The FBI found that the cybercriminal duo was involved in Dark Web platforms like WWH Club, Skynetzone, and Opencard for buying, selling, and trading sensitive information and cybercriminal training. This article has been indexed from Cyware News – Latest Cyber…
Manufacturer Orion SA says scammers conned it out of $60M
Orion SA recently disclosed to US regulators that it fell victim to a criminal wire fraud scheme resulting in a $60 million loss. The incident, possibly a BEC scam, involved fraudulent wire transfers to unknown third-party accounts by an employee.…
DeathGrip: Emergence of a new Ransomware-as-a-Service
Promoted through Telegram and other underground forums, DeathGrip RaaS offers aspiring threat actors on the dark web sophisticated ransomware tools, including LockBit 3.0 and Chaos builders. This article has been indexed from Cyware News – Latest Cyber News Read the…
Exploiting pfsense Flaw for Remote Code Execution
During a recent security audit by Laburity researchers, an application with a vulnerability related to pfblockerNG was identified. Attempts using default credentials failed, but an exploit from exploit-db was unsuccessful. This article has been indexed from Cyware News – Latest…
New Banshee MacOS Stealer Attacking Users to Steal Keychain Data
The Banshee Stealer can rob sensitive data, including passwords from macOS Keychain, system information, and data from popular web browsers like Safari, Chrome, and Firefox. It can also access cryptocurrency wallets and plugins. This article has been indexed from Cyware…
Misconfigurations and IAM Weaknesses Top Cloud Security Concerns
While traditional cloud security issues associated with Cloud Service Providers (CSPs) are decreasing in significance, misconfigurations, IAM weaknesses, and API risks remain critical in cloud computing. This article has been indexed from Cyware News – Latest Cyber News Read the…
New Dark Skippy Attack Let Hackers Steal Secret Keys From Signing Devices
The “Dark Skippy” method allows hackers to steal Bitcoin hardware wallet keys by embedding secret data into public Bitcoin transactions, which can then be used to extract a person’s seed words. This article has been indexed from Cyware News –…
Fake X Content Warnings on Ukraine War, Earthquakes Used as Clickbait
Scammers are using fake content warnings related to the Ukraine war and earthquakes to lure users into clicking on links that lead to adult sites, malicious browser extensions, and affiliate scams on X. This article has been indexed from Cyware…
Scout Suite: Open-Source Cloud Security Auditing Tool
Scout Suite is an open-source cloud security auditing tool that assesses security in multi-cloud environments. By using cloud vendors’ APIs, it gathers configuration data to identify risks efficiently. This article has been indexed from Cyware News – Latest Cyber News…
Britain and France to Discuss Misuse of Commercial Cyber Intrusion Tools
The UK and France will discuss the misuse of commercial cyber intrusion tools as part of the Pall Mall Process, aiming to address the irresponsible use of hacking tools like spyware. This article has been indexed from Cyware News –…
NIS2: A Catalyst for Cybersecurity Innovation or Just Another Box-Ticking Exercise?
The Network and Information Security (NIS) 2 Directive is a major cybersecurity regulation in Europe, with EU Member States having until October 17, 2024, to comply with the increased security standards and reporting requirements. This article has been indexed from…
Unmasking the Overlap Between Golddigger and Gigabud Android Malware
Initially discovered in January 2023 impersonating government entities, Gigabud and Golddigger malware campaigns have overlapped, suggesting the same threat actors behind both. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Unmasking the…
Malware-as-a-Service and Ransomware-as-a-Service Lower Barriers for Cybercriminals
Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) have made it easier for cybercriminals to carry out sophisticated attacks, according to Darktrace. These subscription-based tools have lowered the barrier for less experienced attackers. This article has been indexed from Cyware News – Latest…
UN Cybercrime Treaty Passes in Unanimous Vote
The United Nations has unanimously passed its first cybercrime treaty, initially proposed by Russia. This treaty establishes a global legal framework for addressing cybercrime and data access. This article has been indexed from Cyware News – Latest Cyber News Read…
Shorter TLS Certificate Lifespans Expected to Complicate Management Efforts
Shorter TLS certificate lifespans are expected to create challenges for management efforts, with 76% of security leaders acknowledging the need to transition to shorter lifespans for increased security, according to Venafi. This article has been indexed from Cyware News –…
Critical 1Password Flaws May Allow Hackers to Snatch Users’ Passwords
The first vulnerability, CVE-2024-42219, allows bypassing inter-process communication protections and impersonation of trusted 1Password integrations. The second, CVE-2024-42218, lets attackers bypass security mechanisms using outdated app versions. This article has been indexed from Cyware News – Latest Cyber News Read…
Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users
The vulnerabilities affect devices before the Sonos S2 release 15.9 and Sonos S1 release 11.12. These flaws could be exploited to compromise devices over the air and capture audio covertly. This article has been indexed from Cyware News – Latest…
CrowdStrike Pursuing Deal to Buy Patch Management Specialist Action1
CrowdStrike is looking to acquire patch management specialist Action1 in a deal worth nearly $1 billion. Action1’s Co-Founder and CEO confirmed the discussions with CrowdStrike employees in a memo. This article has been indexed from Cyware News – Latest Cyber…
SaaS Apps Present an Abbreviated Kill Chain for Attackers
Researchers at AppOmni revealed that adversaries no longer need to complete all seven stages of a traditional kill chain to achieve their goals. This shift requires organizations to rethink their cybersecurity strategies. This article has been indexed from Cyware News…
Microsoft Found OpenVPN Bugs That can be Chained to Achieve RCE and LPE
The vulnerabilities affect all versions of OpenVPN prior to 2.6.10 and 2.5.10. Attackers could gain full control over targeted endpoints by exploiting these vulnerabilities. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Earth Baku’s Latest Campaign Expands its Reach to Europe, the Middle East, and Africa
Earth Baku has expanded its operations beyond the Indo-Pacific region to Europe, the Middle East, and Africa. They are now targeting countries like Italy, Germany, UAE, and Qatar, with suspected activities in Georgia and Romania. This article has been indexed…
SSHamble: Open-Source Security Testing of SSH Services
RunZero recently released SSHamble, an open-source tool for testing the security of SSH services. This tool helps security teams detect dangerous misconfigurations and software bugs in SSH implementations. This article has been indexed from Cyware News – Latest Cyber News…
How Network Segmentation can Strengthen Visibility in OT Networks
Gaining visibility in OT networks is challenging due to differences in communication protocols between IT and OT systems. Building trust between OT and IT teams is essential, as their priorities often conflict. This article has been indexed from Cyware News…
Update: Exploit Released for Cisco SSM Bug Allowing Admin Password Changes
he vulnerability, tracked as CVE-2024-20419, allows unauthenticated attackers to change any user’s password remotely. To secure vulnerable Cisco Smart Software Manager On-Prem servers, admins must upgrade to a fixed release. This article has been indexed from Cyware News – Latest…
Nearly 200 Firms Have Signed Pledge to Build More Secure Software, Top Cyber Official Says
The initiative, called Secure by Design, was introduced by the Cybersecurity and Infrastructure Security Agency at the RSA Conference, with an initial 70 firms committing to improving security features. This article has been indexed from Cyware News – Latest Cyber…
Latrodectus and ACR Stealer Observed Spreading via Google Authenticator Phishing Site
The phishing site tricks users into downloading a malicious file disguised as Google Authenticator, which then drops the two malware components. The ACR Stealer exfiltrates data to a C&C server, while Latrodectus maintains persistence on the machine. This article has…
Analysis of Data Exfiltration Tools Used by Threat Actors
A comprehensive analysis of data theft incidents investigated by ReliaQuest from September 2023 to July 2024 revealed that Rclone, WinSCP, and cURL are among the most prevalent exfiltration tools used by threat actors. This article has been indexed from Cyware…
Vulnerabilities in Solar Power Management Platform can Lead to Blackouts
Researchers discovered that a solar grid responsible for 20% of the world’s solar power output, enough to power the entire United States, is at risk of being hijacked due to vulnerabilities in PV plant management platforms. This article has been…
Botnet 7777: Are You Betting on a Compromised Router?
Recent findings indicate that the 7777 botnet (aka Quad7) has likely expanded, adding new bots with open port 63256, primarily including Asus routers. As of August 5, 2024, the total number of active bots stood at 12,783. This article has…
New Malware Strains Pop Up in Threat Landscape
Quorum Cyber Incident Response team recently identified a new malware called SharpRhino utilized by the threat actor group Hunters International during a ransomware incident. The malware, written in C#, was distributed through a typosquatting domain posing as Angry IP Scanner.…
Fake WinRar Websites Distributing Malware Payloads Hosted on GitHub
A fraudulent site resembling the official WinRar distribution platform is spreading malware. The fake website, win-rar[.]co, utilizes typosquatting to trick users who mistype the URL. This article has been indexed from Cyware News – Latest Cyber News Read the original…
New Widespread Extension Trojan Malware Campaign
The malware attack flow involves luring users with fake websites imitating popular downloads, then executing PowerShell scripts to download and install malicious extensions that steal private data and control browser settings. This article has been indexed from Cyware News –…
‘0.0.0.0 Day’ Flaw Puts Chrome, Firefox, Mozilla Browsers at RCE Risk
An open source security firm, Oligo Security, has discovered a vulnerability called “0.0.0.0 Day” that allows attackers to execute code on web browsers like Chrome, Safari, and Firefox, potentially leading to data theft and malware. This article has been indexed…
Cisco Warns of Critical RCE Zero-Days in End of Life IP Phones
Cisco has issued a warning about critical remote code execution zero-days affecting the web-based management interface of the Small Business SPA 300 and SPA 500 series IP phones, which are no longer supported. This article has been indexed from Cyware…
CISA Warns of Hackers Abusing Cisco Smart Install Feature
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has advised organizations to disable the legacy Cisco Smart Install (SMI) feature due to recent attacks exploiting it. This article has been indexed from Cyware News – Latest Cyber News Read the…
Hazy Issue in Entra ID Allows Privileged Users to Become Global Admins
An issue with Microsoft’s Entra ID identity and access management service could allow a hacker with admin-level access to gain global administrator privileges within an organization’s cloud environment. This article has been indexed from Cyware News – Latest Cyber News…
Russian Spies Hacked UK Government Systems Earlier This Year, Stole Data and Emails
Russian spies hacked UK government systems earlier this year, stealing data and emails in a nation-state attack. The breach targeted the Home Office’s systems, which had not been previously reported. This article has been indexed from Cyware News – Latest…
How to Weaponize Microsoft Copilot for Cyberattackers
Copilot is an AI-based chatbot used by enterprises to streamline tasks, but it can also be manipulated by attackers to steal data and conduct phishing scams without leaving a trace. This article has been indexed from Cyware News – Latest…
US Offers $10 Million for Information on Iranian Hackers Behind CyberAv3ngers Water Utility Attacks
The U.S. State Department has offered a $10 million reward for information on six Iranian government hackers who allegedly targeted U.S. water utilities last fall. These individuals were previously sanctioned for targeting critical infrastructure. This article has been indexed from…
Number of Incidents Affecting GitHub, Bitbucket, GitLab, and Jira Continues to Rise
The number of incidents affecting GitHub, Bitbucket, GitLab, and Jira is on the rise, leading to outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and data loss for DevSecOps teams, according to GitProtect.io. This article has been indexed from…
Consumer Reports Study Finds Data Removal Services are Often Ineffective
Consumer Reports cautioned against relying too heavily on data removal services, as many fall short of expectations despite high costs. The study highlighted the need for better protection of consumer data and stricter regulations on data brokers. This article has…
New Ransomware Groups Emerge Despite Crackdowns
According to a report by Rapid7, a total of 21 new or rebranded groups have emerged since January 2024, alongside existing groups like LockBit, which has survived law enforcement crackdowns. This article has been indexed from Cyware News – Latest…
Russia’s Kursk Region Suffers ‘Massive’ DDoS Attack Amid Ukraine Offensive
Kursk region in Russia was hit by a large-scale DDoS attack during Ukraine’s cross-border incursion, affecting government, business websites, and critical services. NetBlocks reported disruptions in internet connectivity linked to the attacks. This article has been indexed from Cyware News…
Ransomware Drill Targets Healthcare in Operation 911
A ransomware drill focused on healthcare called Operation 911 was conducted at Black Hat USA 2024 by Las Vegas law enforcement, the FBI, and Semperis. During the drill, a simulated ransomware attack targeted a fictitious hospital. This article has been…
RustScan: Open-Source Port Scanner
RustScan is a fast and versatile open-source port scanner with Adaptive Learning for optimal performance. It can scan all 65,000 ports in 3 seconds and supports a scripting engine for customization. This article has been indexed from Cyware News –…
OpenWrt Dominates, but Vulnerabilities Persist in OT/IoT Router Firmware
A Forescont study showed that outdated software components in OT/IoT cellular routers and SOHO routers are linked to known vulnerabilities, with an average of 20 exploitable n-days affecting the kernel in widely used firmware images. This article has been indexed…
Critical Progress WhatsUp Gold RCE Flaw Now Under Active Exploitation
Threat actors are actively exploiting a critical remote code execution vulnerability in Progress WhatsUp Gold 23.1.2 and older versions, identified as CVE-2024-4885 with a CVSS v3 score of 9.8. This article has been indexed from Cyware News – Latest Cyber…
Alibaba’s T-Head C910 RISC-V Chips Found Vulnerable to GhostWrite Attack
Alibaba’s T-Head C910 RISC-V CPUs have been found to have serious security flaws by computer security researchers at the CISPA Helmholtz Center for Information Security in Germany. This article has been indexed from Cyware News – Latest Cyber News Read…
Cloud Storage From Microsoft, Google Used in Malware Attacks
Symantec’s Threat Hunter Team has observed various espionage operations utilizing cloud services, like the backdoors GoGra and Grager targeting organizations in South Asia, South East Asia, Taiwan, Hong Kong, and Vietnam. This article has been indexed from Cyware News –…
FBI and CISA Uncover Updated TTPs and Activity of the BlackSuit Ransomware Group
The BlackSuit ransomware group gains access through phishing campaigns, RDP, and vulnerability exploits, using tools like Chisel and Mimikatz for communication and credential theft. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Ronin Network Hacked, $12 Million Returned by “White Hat” Hackers
Ronin Network was hacked, resulting in the withdrawal of $12 million by “white hat” hackers who returned the stolen funds. The hackers exploited an undocumented vulnerability on the Ronin bridge, withdrawing 4,000 ETH and 2 million USDC. This article has…
Researcher Discovers Downgrade Attack Abusing Windows Update Process
A security researcher at SafeBreach demonstrated at the Black Hat 2024 conference that two zero-day vulnerabilities can be exploited in downgrade attacks to revert fully updated Windows systems back to older versions, reintroducing vulnerabilities. This article has been indexed from…
SEC Ends Probe Into MOVEit Attacks Impacting 95 Million People
The SEC has closed its investigation into Progress Software’s handling of a zero-day flaw in MOVEit Transfer. Progress Software announced in a recent SEC filing that no enforcement action will be recommended by the Division of Enforcement. This article has…
Roundcube Flaws Allow Easy Email Account Compromise (CVE-2024-42009, CVE-2024-42008)
Roundcube’s vulnerabilities (CVE-2024-42009, CVE-2024-42008) allow attackers to compromise email accounts easily. The two cross-site scripting flaws could lead to the theft of emails, contacts, and passwords, and the sending of unauthorized emails. This article has been indexed from Cyware News…
Microsoft 365 Anti-Phishing Feature can be Bypassed with CSS
A flaw in Microsoft 365’s anti-phishing feature allows attackers to hide the ‘First Contact Safety Tip’ warning in Outlook emails using CSS, increasing the risk of users falling for malicious emails. This article has been indexed from Cyware News –…
Report: Email Attacks Skyrocket 293%
According to Acronis, ransomware remains a top threat for SMBs, especially in critical sectors like government and healthcare, where 10 new ransomware groups conducted 84 cyberattacks globally in Q1 2024. This article has been indexed from Cyware News – Latest…
Federal Watchdog Urges EPA to Develop Comprehensive Cyber Strategy to Protect Water Systems
The U.S. Government Accountability Office is urging the Environmental Protection Agency (EPA) to develop a comprehensive strategy to protect the nation’s drinking and wastewater systems from cyber threats. This article has been indexed from Cyware News – Latest Cyber News…
NHS Software Supplier Advanced Faces $7.6 Million Fine Over Ransomware Attack Failings
NHS software supplier Advanced faces a hefty fine of over £6 million (~$7.6 Million) for failing to protect personal information during a ransomware attack that impacted the National Health Service in the UK. This article has been indexed from Cyware…
Threat Actors Announced Doubleface Ransomware, Claims Fully Undetectable
Threat actors have introduced Doubleface ransomware, claiming it to be fully undetectable by major antivirus software. The ransomware utilizes a unique algorithm with AES-128 and RSA-4096 encryption, making decryption difficult without the right key. This article has been indexed from…
Ransomware Swells Despite Collective Push to Curb Attacks
Rapid7 researchers noted over 2,570 attacks in the first half of 2024, equating to around 14 attacks daily. The number of ransomware groups posting on data leak sites surged 67% compared to the previous year. This article has been indexed…
Cyber Training Organization Pledges $15 Million in Education Programs
EC-Council, a cyber certification organization, has pledged $15 million in scholarships to support over 50,000 students in cybersecurity programs. The goal is to help students earn industry credentials and enhance their cybersecurity skills. This article has been indexed from Cyware…
Abnormal Security Raises $250M on $5.1B Valuation to Enhance AI-Driven Cyber Protection
Abnormal Security, an AI-driven cybersecurity company, has raised $250 million in funding, valuing the company at $5.1 billion. The funding will support their mission of using AI to protect against cybercrime by understanding human behavior. This article has been indexed…
North Korean Hackers Leverage Malicious NPM Packages for Initial Access
North Korean hackers, identified as Moonstone Sleet, have been distributing malicious JavaScript packages on the npm registry to infect Windows systems. The two packages, harthat-api and harthat-hash, were uploaded on July 7, 2024. This article has been indexed from Cyware…
Chameleon Malware Now Targeting Employees Masquerading as a CRM app
Researchers have revealed a new tactic used by threat actors behind the Chameleon Android banking trojan, targeting Canadian users with a disguised Customer Relationship Management (CRM) app. This article has been indexed from Cyware News – Latest Cyber News Read…
Replacement for Action Fraud, UK’s Cybercrime Reporting Service, Delayed Again Until 2025
The new service, known as the Fraud and Cyber Crime Reporting and Analysis System (FCCRAS), will enhance the reporting process by allowing users to upload additional information like metadata, screenshots, and images. This article has been indexed from Cyware News…
The Role of AI in Cybersecurity Operations
AI can analyze data quickly, detect patterns of malicious behavior, and automate routine tasks like alert triaging and log analysis. However, human oversight is still necessary to ensure the accuracy and relevance of AI-generated insights. This article has been indexed…
CISA Adds Microsoft COM for Windows Bug to its Known Exploited Vulnerabilities Catalog
The vulnerability, tracked as CVE-2018-0824, arises from the deserialization of untrusted data. Microsoft warns that this flaw could lead to remote code execution if exploited by a specially crafted file or script. This article has been indexed from Cyware News…
Attackers Use Multiple Techniques to Bypass Reputation-Based Security
Attackers have developed multiple techniques to bypass reputation-based security controls like Windows Smart App Control, allowing them initial access to environments without triggering alerts. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Bloody Wolf Strikes Organizations in Kazakhstan with STRRAT Commercial Malware
The STRRAT malware, sold for $80, allows attackers to take control of computers and steal data. Attackers use phishing emails pretending to be from government agencies to trick victims into downloading malicious files. This article has been indexed from Cyware…
Sneaky SnakeKeylogger Slithers Into Windows Email Inboxes
SnakeKeylogger, also known as KrakenKeylogger, is a malicious software targeting Windows users. It logs keystrokes, steals credentials, and takes screenshots, allowing cybercriminals to capture sensitive information. This article has been indexed from Cyware News – Latest Cyber News Read the…
Cyberattack Cost More Than $17 Million, Key Tronic Tells Regulators
Key Tronic revealed to regulators that a cyberattack in May 2024 cost the company over $17 million. The attack led to a shutdown of operations in Mexico and the U.S. for two weeks. This article has been indexed from Cyware…
North Korean Hackers Exploit VPN Update Flaw to Install Malware
North Korean hackers exploited a VPN software update flaw to install malware and breach networks, as warned by South Korea’s National Cyber Security Center. The threat groups involved in these activities are Kimsuky (APT43) and Andariel (APT45). This article has…
Ransomware Gang Targets IT Workers With New SharpRhino Malware
The Hunters International ransomware group is using a new C# remote access trojan named SharpRhino to target IT workers and breach corporate networks. It is distributed through a typosquatting site posing as Angry IP Scanner’s website. This article has been…
Cyberattacks Still Ravage Schools, Defying White House Efforts Launched Last Year
Last year, the White House launched an initiative to strengthen school cybersecurity, but cyberattacks on schools persist. Private sector resources have been utilized by thousands of school districts to enhance their defenses. This article has been indexed from Cyware News…
Around 20K Ubiquiti IoT Cameras & Routers are Sitting Ducks for Hackers
Around 20,000 Ubiquiti IoT cameras and routers are at risk due to a vulnerability that has been known for five years. Researchers have found that despite patches being available, many devices are still vulnerable. This article has been indexed from…
Google Fixes Android Kernel Zero-Day Exploited in Targeted Attacks
Google has patched a zero-day vulnerability in the Android kernel that was being exploited in targeted attacks. The vulnerability, tracked as CVE-2024-36971, allows for arbitrary code execution without user interaction on unpatched devices. This article has been indexed from Cyware…