Tag: Cyware News – Latest Cyber News

In a recent phishing attempt, Cofense researchers spotted an email disguised as a communication from a company’s HR department, prompting recipients to review an updated employee handbook. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The cybercrime group known as SEXi ransomware, now operating as APT Inc., has been targeting organizations since February. They use a leaked Babuk encryptor for VMware ESXi servers and LockBit 3 encryptor for Windows servers. This article has been indexed…

Read more →

The vulnerability, CVE-2024-38112, was observed by Trend Micro in May 2024, being exploited as part of a multi-stage attack chain using internet shortcut files. The campaign has been active throughout 2024. This article has been indexed from Cyware News –…

Read more →

A coordinated wave of DNS hijacking attacks recently targeted decentralized finance (DeFi) cryptocurrency domains. Attackers used the Squarespace registrar to redirect visitors to phishing sites that aimed to steal cryptocurrency and NFTs. This article has been indexed from Cyware News…

Read more →

The hype surrounding non-human identities (NHIs) has recently increased due to the risk they pose, with breaches causing fear, uncertainty, and doubt. With NHIs outnumbering human identities, the associated risks need to be addressed. This article has been indexed from…

Read more →

Realm is an open-source adversary emulation framework focused on scalability, reliability, and automation. It features a custom interpreter in Rust, enabling the creation of complex TTPs as code. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Threat actors rapidly weaponize proof-of-concept exploits in real attacks, often within 22 minutes of their public release, as per Cloudflare’s 2024 Application Security report covering May 2023 to March 2024. This article has been indexed from Cyware News – Latest…

Read more →

The deployment of BugSleep is a significant development in MuddyWater’s tactics, targeting various sectors with phishing emails leading to the distribution of Remote Management Tools and the BugSleep malware. This article has been indexed from Cyware News – Latest Cyber…

Read more →

By targeting famous brands like tech firms and financial industry players, FIN7 actors deploy redirects, multi-stage phishing campaigns, and impersonate open directories to spread malware. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The malicious ad campaign employed advanced filtering techniques to evade detection and appeared as a top search result for Microsoft Teams. It redirected users through deceptive links despite displaying microsoft.com as its URL. This article has been indexed from Cyware…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team exercise at an unnamed federal agency in 2023, exposing serious security failings that left critical assets vulnerable. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Vyacheslav Igorevich Penchukov, a criminal who used Zeus and IcedID malware to steal millions of dollars from victims, has been sentenced to almost a decade in prison and ordered to pay $73 million in restitution by a Nebraska federal court…

Read more →

Netgear released firmware patches to fix stored XSS and authentication bypass flaws in the XR1000 Nighthawk gaming router and CAX30 Nighthawk AX6 6-Stream cable modem routers, respectively. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Palo Alto Networks has released security updates to address five vulnerabilities in its products, including a critical flaw in the Expedition tool that could enable admin account takeover. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Alphabet, Google’s parent company, is in advanced talks to acquire cloud security provider Wiz for around $23 billion. Wiz recently raised $1 billion at a $12 billion valuation and has a total of $1.9 billion in funding. This article has…

Read more →

The Office of Management and Budget has issued a memorandum outlining the administration’s cybersecurity priorities for fiscal year 2026, aligning with the national cybersecurity strategy. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

Signal has now taken steps to address the issue by integrating Electron’s SafeStorage API to secure the data store from offline attacks. The new implementation is currently being tested and will soon be available in a Beta version. This article…

Read more →

The US government is pressuring software manufacturers to address operating system command injection vulnerabilities following high-profile threat actor campaigns exploiting these flaws in 2024. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

The U.S. Government Accountability Office’s annual assessment of the Defense Department’s IT spending revealed that several programs lack approved cybersecurity strategies, leaving them vulnerable to potential cyberattacks. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

McAfee Labs has uncovered a unique malware delivery method called the “Clickfix” infection chain, which starts with users being directed to compromised websites and instructed to paste a script into a PowerShell terminal. This article has been indexed from Cyware…

Read more →

Exein, a Rome-based startup, is addressing the critical issue of device security in the IoT space. The company recently secured €15 million (~$16.3 million) in a Series B funding round led by cybersecurity-focused VC 33N. This article has been indexed…

Read more →

Crystalray’s attack chain involves using various OSS tools for reconnaissance, scanning, and exploiting vulnerabilities. The group was first discovered in February using the “SSH-Snake” tool to exploit vulnerabilities in Atlassian Confluence. This article has been indexed from Cyware News –…

Read more →

Federal research agencies will now require covered institutions to implement cybersecurity programs for research and development security due to threats from China. The goal is to increase awareness of security threats and enable apt responses. This article has been indexed…

Read more →

DodgeBox deploys MoonWalk backdoor as a DAT file post-execution. The backdoor shares evasion techniques with DodgeBox and uses Google Drive for command-and-control communication. This article has been indexed from Cyware News – Latest Cyber News Read the original article: China’s…

Read more →

A .NET banking Trojan named Coyote has been identified as a threat to Brazilian financial institutions. It uses a unique execution chain involving the abuse of legitimate software to harvest user financial information. This article has been indexed from Cyware…

Read more →

This new set of packages, consisting of approximately 60 packages and 290 versions, showcases a more sophisticated approach compared to earlier attacks revealed in October 2023, according to ReversingLabs. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Security researchers have identified a critical vulnerability affecting over 1.5 million Exim email servers, making them vulnerable to attacks that can deliver executable attachments to user accounts. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

JAXA was targeted with zero-day exploits during its investigation with Microsoft into a 2023 cyberattack. The attack mainly affected its Active Directory system, prompting JAXA to shut down networks to prevent data compromise. This article has been indexed from Cyware…

Read more →

The attack, identified as a distributed denial-of-service attack (DDoS), affected websites of security services, police, fire and rescue services, and the academy for public security forces. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The attacks were detected earlier this year, with indicators of compromise shared by AhnLab Security Intelligence Center. The attackers initiate their attacks with phishing emails containing malicious attachments disguised as documents. This article has been indexed from Cyware News –…

Read more →

FIN7, a cybercrime group responsible for billions in losses, was dismantled by U.S. authorities in 2023. However, they resurfaced in 2024 with Stark Industries Solutions, hosting thousands of fake websites mimicking renowned companies. This article has been indexed from Cyware…

Read more →

Ransomware gangs are now creating custom data-stealing malware instead of just encrypting files. Mature crime organizations are investing in bespoke data theft tools, according to a Cisco Talos report on the top 14 ransomware groups. This article has been indexed…

Read more →

The PHP vulnerability, tracked as CVE-2024-4577, with a CVSS score of 9.8, allows attackers to execute commands on Windows systems using Chinese and Japanese language settings. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Cytactic, an Israel-based provider of a platform pioneering cyber crisis readiness and management, raised $16M in a seed funding round led by Evolution Equity Partners. It intends to use the funds to expand operations and development efforts. This article has…

Read more →

A new ransomware gang known as EstateRansomware is exploiting a Veeam vulnerability that was patched over a year ago to spread file-encrypting malware and demand ransom payments. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

Compiled V8 JavaScript in Google’s engine converts JavaScript into low-level bytecode, making analysis and detection difficult. Attacks using this bytecode ensure compatibility with the V8 engine for successful execution. This article has been indexed from Cyware News – Latest Cyber…

Read more →

The genesis of BunkerWeb came from the need to apply security practices manually every time a web application was put online. The solution meets global needs with a modular architecture allowing for extensions. This article has been indexed from Cyware…

Read more →

Originally detected in 2020, the ViperSoftX malware now incorporates more sophisticated evasion tactics by using the Common Language Runtime (CLR) to run PowerShell commands within AutoIt scripts distributed through pirated eBook copies. This article has been indexed from Cyware News…

Read more →

The vulnerability impacts all GitLab CE/EE versions from 15.8 to 16.11.6, 17.0 to 17.0.4, and 17.1 to 17.1.2. Under certain circumstances that GitLab has yet to disclose, attackers can exploit it to trigger a new pipeline as an arbitrary user.…

Read more →

A survey by data security company Kiteworks reveals that around 60% of organizations struggle to track their information once it leaves through communication channels like email. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Researchers have identified the developer of a malicious remote access tool used in attacks on Russian organizations. Known as Mr. Burns, the developer has been active in darknet forums since 2010, creating harmful versions of popular tools. This article has…

Read more →

Huione Guarantee, an online marketplace, is reportedly being used for money laundering, particularly in “pig butchering” investment scams. Victims are tricked into investing in fake sites with high returns. This article has been indexed from Cyware News – Latest Cyber…

Read more →

This decision comes after a warning from the Singapore Police about phishing scams targeting bank customers. Scammers have managed to defraud individuals of over S$600,000 ($445,000) in just a few weeks. This article has been indexed from Cyware News –…

Read more →

Google announced that passkeys are now available for high-risk users enrolling in the Advanced Protection Program, ensuring top-notch account security. The program offers free protection for accounts of high-risk individuals. This article has been indexed from Cyware News – Latest…

Read more →

A diverse workforce brings different perspectives, experiences, and problem-solving approaches to the table, enabling teams to identify vulnerabilities and develop more robust defense strategies. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Poco RAT was first categorized on February 7, 2024, and has since targeted customers in multiple sectors, with Mining being the primary focus. One company was the most targeted, responsible for 67% of the total volume of campaigns. This article…

Read more →

Cybersecurity analyst Eugene Lim discovered the risk posed by this vulnerability, which hackers can exploit by chaining messaging APIs in browsers and extensions, bypassing security measures like the Same Origin Policy. This article has been indexed from Cyware News –…

Read more →

The most severe flaw is an improper authorization issue (CVE-2024-6235) with a CVSS score of 9.4, allowing attackers to access sensitive information through the NetScaler Console IP. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

VMware has fixed a high-severity SQL-Injection vulnerability, known as CVE-2024-22280, in its Aria Automation platform. This flaw could allow authenticated users to execute unauthorized database operations through specially crafted SQL queries. This article has been indexed from Cyware News –…

Read more →

The Department of Justice investigated around 1,000 accounts on social media platform X, previously Twitter, which were used by the Kremlin to spread pro-Moscow propaganda created by the AI-driven Meliorator software. This article has been indexed from Cyware News –…

Read more →

Phishing messages impersonating the Regional Transport Office have been circulating since 2024, claiming traffic violations and prompting users to download a malicious APK named “VAHAN PARIVAHAN.apk”. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Research shows that 75% of CISOs are considering a job change due to various challenges and pressures. CISOs often face accountability for cyber incidents and compliance failures, leading to discontent. This article has been indexed from Cyware News – Latest…

Read more →

The Senate Armed Services Committee presented the NDAA for fiscal year 2025, totaling $923.3 billion for defense funding. This includes $878.4 billion for the Pentagon and $33.4 billion for national security programs under the Department of Energy. This article has…

Read more →

QuoIntelligence discovered the operation called Ticket Heist, with convincing websites selling fake Olympic tickets. The prices on these websites are much higher than the official ones. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

The vulnerabilities added include CVE-2024-23692 affecting Rejetto HTTP File Server, CVE-2024-38080 impacting Windows Hyper-V, and CVE-2024-38112 targeting Windows MSHTML Platform. This article has been indexed from Cyware News – Latest Cyber News Read the original article: CISA Adds Microsoft Windows…

Read more →

As part of Microsoft’s July 2024 Patch Tuesday, 142 flaws were addressed, including two zero-days actively exploited and two publicly disclosed. Five critical vulnerabilities were fixed, all related to remote code execution. This article has been indexed from Cyware News…

Read more →

Monocle is an open-source tool powered by an LLM for searching natural language in compiled binaries. It can analyze binaries based on criteria like authentication code or password strings, using Ghidra headless for decompilation. This article has been indexed from…

Read more →

This vulnerability, known as Blast RADIUS and rated 7.5 out of 10 on the severity scale, affects the RADIUS networking protocol, potentially granting unauthorized access to network devices and services without credentials. This article has been indexed from Cyware News…

Read more →

The CISA is developing a new framework to assess the trustworthiness of open-source software projects. The agency’s open-source software security roadmap aims to increase visibility into OSS use and risks across the federal government. This article has been indexed from…

Read more →

A vulnerability in certain versions of the OpenSSH secure networking suite may allow for remote code execution. The vulnerability, identified as CVE-2024-6409 with a CVSS score of 7.0, affects specific versions of OpenSSH such as 8.7p1 and 8.8p1. This article…

Read more →

The cybersecurity arm of the UK government, RITICS, has released a new guide to assist companies in enhancing the security of their operational technology (OT) and industrial control system (ICS) hardware. This article has been indexed from Cyware News –…

Read more →

Hackers are targeting a vulnerability in the Modern Events Calendar WordPress plugin found on over 150,000 websites to upload files and execute code remotely. The plugin by Webnus is used to manage events. This article has been indexed from Cyware…

Read more →

Approximately 68 malicious packages were created between May 26 and June 23, 2024, with deceptive names like cdnjquery and jquertyi. These packages were manually crafted, unlike automated attacks, allowing the threat actor to steal website form data. This article has…

Read more →

Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the UK, and the US have warned about APT40, a China-linked cyber espionage group known for quickly exploiting new security bugs after public disclosure. This article has been indexed…

Read more →

A Yemeni hacking group associated with the Houthi movement has been spying on military personnel in the Middle East by infecting their phones with surveillance software, according to cybersecurity firm Lookout. This article has been indexed from Cyware News –…

Read more →

The scammers identify previous scam victims and pose as trusted entities such as government agencies, cybersecurity firms, or fund recovery services, asking for upfront fees or personal information to supposedly help with the recovery process. This article has been indexed…

Read more →

This vulnerability, tracked as CVE-2024-39884 and caused by a regression, can lead to unintentional exposure of sensitive data when legacy content-type configurations are used. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Splunk has released a set of security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including high-severity issues. CVE-2024-36985 allows remote code execution via External Lookup in Splunk Enterprise. This article has been indexed from Cyware News…

Read more →

The company revealed that their corporate IT network, production environment, and TeamViewer connectivity platform are segmented to prevent unauthorized access. Immediate remediation measures were effective in blocking suspicious activity. This article has been indexed from Cyware News – Latest Cyber…

Read more →

Critical infrastructure providers are urging federal officials for more flexibility in reporting cyber incidents within the first 72 hours under the Cyber Incident Reporting for Critical Infrastructure Act. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

Cyble Research and Intelligence Labs (CRIL) has identified an increase in the exploitation of the Microsoft SmartScreen vulnerability (CVE-2024-21412) through an active campaign targeting regions like Spain, the US, and Australia. This article has been indexed from Cyware News –…

Read more →

The shift away from public disclosure on Twitter is part of an evolution in how the CNMF communicates cyber threat information. The command now focuses on working closely with industry partners to share information effectively and efficiently. This article has…

Read more →

The emails falsely accuse recipients of sexual offences, using names and seals of authorities to appear authentic. Citizens are advised not to respond to such emails and report them to authorities. This article has been indexed from Cyware News –…

Read more →

Avast researchers have identified a cryptographic weakness in the DoNex ransomware and its previous versions, enabling them to create a decryptor for files encrypted by these variants. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

A new variation of WordFence evasion malware has been discovered, concealing backdoors in infected WordPress environments. A suspicious plugin named “wp-engine-fast-action” was found tampering with the popular WordFence security plugin. This article has been indexed from Cyware News – Latest…

Read more →

Vinted, a prominent online platform for second-hand sales, has been fined €2,385,276 ($2,582,730) for violating the EU’s General Data Protection Regulation (GDPR) by not properly handling personal data deletion requests. This article has been indexed from Cyware News – Latest…

Read more →

Exploiting these flaws could allow attackers to execute arbitrary commands, read source code, and gain unauthorized access. The vulnerabilities require authentication, with one flaw specifically requiring the built-in SSH server to be enabled. This article has been indexed from Cyware…

Read more →

Cloud resources are increasingly targeted by cyberattacks, with SaaS applications, cloud storage, and cloud management infrastructure being the top categories of attack, according to Thales. This article has been indexed from Cyware News – Latest Cyber News Read the original…

Read more →

The expanding attack surface, with over 15 billion connected devices worldwide, raises concerns about privacy breaches for users. The average home now has 21 connected devices, facing more than 10 daily cyberattacks. This article has been indexed from Cyware News…

Read more →

The malware has evolved into multiple versions, with GootLoader 3 being the latest one in use. Despite updates to the payload, the infection strategies have remained consistent since its resurgence in 2020. This article has been indexed from Cyware News…

Read more →

Information-stealing malware families have evolved to impersonate generative AI tools, with examples like GoldPickaxe stealing facial recognition data for deepfake videos. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Infostealing Malware Masquerading…

Read more →

Team ARXU gained recognition earlier this year for targeting Romania over its support for Israel. The hacker group has a history of cyberattacks against Israel and its allies. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The vulnerability could be exploited to compromise systems without requiring user interaction, contrary to some severity assessments initially made by Tenable and Red Hat. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Traeger grills face security bugs that could spell trouble for BBQ enthusiasts. High-severity vulnerabilities in the Traeger Grill D2 Wi-Fi Controller could allow remote attackers to control the grill’s temperature or shut it down. This article has been indexed from…

Read more →

Eldorado also encrypts network shares using the SMB protocol, deletes shadow volume copies, and skips certain file types to prevent system damage. Affiliates can customize attacks on Windows, while Linux customization is limited. This article has been indexed from Cyware…

Read more →

Online accounts are increasingly protected by passkey technology, but many platforms like banking, e-commerce, social media, and software development can still be compromised using adversary-in-the-middle (AitM) attacks. This article has been indexed from Cyware News – Latest Cyber News Read…

Read more →

The researchers at QiAnXin XLab team discovered a new Golang-based botnet called Zergeca, capable of conducting DDoS attacks. It was detected through a suspicious ELF file and has been used to launch DDoS attacks in Canada, the U.S., and Germany.…

Read more →

A malicious QR code reader app on Google Play has been found distributing the Anatsa banking malware, posing a significant threat to users’ financial data. The app has already been downloaded thousands of times. This article has been indexed from…

Read more →

The Turla malware has been found using weaponized LNK files to infect computers. The malware leverages a compromised website to distribute malicious packages through phishing emails. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software by exploiting a critical vulnerability (CVE-2024-23692) that allows executing arbitrary commands without authentication. This article has been indexed from Cyware News…

Read more →

OVHcloud successfully mitigated a record-breaking DDoS attack with a packet rate of 840 million packets per second. The attack originated from compromised MikroTik network devices, which were used to generate high packet rates. This article has been indexed from Cyware…

Read more →

Over 384,000 websites, including those of major companies and government entities, are still linking to the polyfill[.]io code library that was recently acquired by a Chinese firm and used to perform a supply chain attack. This article has been indexed…

Read more →

Twilio has confirmed that an unsecured API endpoint allowed threat actors to access phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. This article has been indexed from Cyware…

Read more →

Researchers at Recorded Future’s Insikt Group analyzed infostealer malware logs captured between February 2021 and February 2024. They cross-referenced the credentials with 20 known CSAM domains, identifying 3,324 unique username-password pairs. This article has been indexed from Cyware News –…

Read more →

Microsoft has exposed two significant vulnerabilities in Rockwell Automation’s PanelView Plus devices that could be exploited by attackers to execute remote code and launch denial-of-service attacks. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

Researchers have identified a new ransomware group called Volcano Demon responsible for two recent successful attacks on companies in the manufacturing and logistics sectors. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…

Read more →

Recent discoveries have unveiled severe vulnerabilities within CocoaPods, a dependency manager essential for iOS and macOS application development. These security flaws could lead to significant supply chain attacks, jeopardizing numerous applications. The exploit allows attackers to alter the software update…

Read more →

Secator is an open-source task and workflow runner designed for security assessments to streamline the use of various security tools for pen testers and security researchers. This article has been indexed from Cyware News – Latest Cyber News Read the…

Read more →

In the early part of 2024, the FakeBat loader, also known as EugenLoader or PaykLoader, emerged as a significant threat utilizing the drive-by download technique to spread malware. This article has been indexed from Cyware News – Latest Cyber News…

Read more →

The US Department of Health and Human Services has levied a fine of $950,000 from the Heritage Valley Health System in Pennsylvania. It must address potential HIPAA violations after a ransomware attack in 2017. This article has been indexed from…

Read more →