Tag: Cyware News – Latest Cyber News

Realm: Open-Source Adversary Emulation Framework

Realm is an open-source adversary emulation framework focused on scalability, reliability, and automation. It features a custom interpreter in Rust, enabling the creation of complex TTPs as code. This article has been indexed from Cyware News – Latest Cyber News…

New BugSleep Backdoor Deployed in Recent MuddyWater Campaigns

The deployment of BugSleep is a significant development in MuddyWater’s tactics, targeting various sectors with phishing emails leading to the distribution of Remote Management Tools and the BugSleep malware.

Over 4000 Domains Used By FIN7 Actors Mimic Popular Brands

By targeting famous brands like tech firms and financial industry players, FIN7 actors deploy redirects, multi-stage phishing campaigns, and impersonate open directories to spread malware.

Netgear Warns Users to Patch Auth Bypass, XSS Router Flaws

Netgear released firmware patches to fix stored XSS and authentication bypass flaws in the XR1000 Nighthawk gaming router and CAX30 Nighthawk AX6 6-Stream cable modem routers, respectively.

White House Calls for Defending Critical Infrastructure

The Office of Management and Budget has issued a memorandum outlining the administration’s cybersecurity priorities for fiscal year 2026, aligning with the national cybersecurity strategy.

Credential-Stealing OSS ‘Crystalray’ Attacks Jump 10X

Crystalray’s attack chain involves using various OSS tools for reconnaissance, scanning, and exploiting vulnerabilities. The group was first discovered in February using the “SSH-Snake” tool to exploit vulnerabilities in Atlassian Confluence.

China’s APT41 Crew Adds Stealthy Malware to its Toolbox

DodgeBox deploys MoonWalk backdoor as a DAT file post-execution. The backdoor shares evasion techniques with DodgeBox and uses Google Drive for command-and-control communication.

Japanese Space Agency Spots Unspecified Zero-Day Attacks

JAXA was targeted with zero-day exploits during its investigation with Microsoft into a 2023 cyberattack. The attack mainly affected its Active Directory system, prompting JAXA to shut down networks to prevent data compromise.

Japan Warns of Attacks Linked to North Korean Kimsuky Hackers

The attacks were detected earlier this year, with indicators of compromise shared by AhnLab Security Intelligence Center. The attackers initiate their attacks with phishing emails containing malicious attachments disguised as documents.

The Stark Truth Behind the Resurgence of Russia’s FIN7

FIN7, a cybercrime group responsible for billions in losses, was dismantled by U.S. authorities in 2023. However, they resurfaced in 2024 with Stark Industries Solutions, hosting thousands of fake websites mimicking renowned companies.

Ransomware Gangs Invest in Custom Data Stealing Malware

Ransomware gangs are now creating custom data-stealing malware instead of just encrypting files. Mature crime organizations are investing in bespoke data theft tools, according to a Cisco Talos report on the top 14 ransomware groups.

Cytactic Raises $16M in Seed Funding

Cytactic, an Israel-based provider of a platform pioneering cyber crisis readiness and management, raised $16M in a seed funding round led by Evolution Equity Partners. It intends to use the funds to expand operations and development efforts.

Exploring Compiled V8 JavaScript Usage in Malware

Compiled V8 JavaScript in Google’s engine converts JavaScript into low-level bytecode, making analysis and detection difficult. Attacks using this bytecode ensure compatibility with the V8 engine for successful execution.

BunkerWeb: Open-Source Web Application Firewall (WAF)

The genesis of BunkerWeb came from the need to apply security practices manually every time a web application was put online. The solution meets global needs with a modular architecture allowing for extensions.

Risk Escalates as Communication Channels Proliferate

A survey by data security company Kiteworks reveals that around 60% of organizations struggle to track their information once it leaves through communication channels like email.

Singapore to Phase Out One-Time Passwords in Banking

This decision comes after a warning from the Singapore Police about phishing scams targeting bank customers. Scammers have managed to defraud individuals of over S$600,000 ($445,000) in just a few weeks.

Diversifying Cyber Teams to Tackle Complex Threats

A diverse workforce brings different perspectives, experiences, and problem-solving approaches to the table, enabling teams to identify vulnerabilities and develop more robust defense strategies.

US Busts Russian AI-Driven Disinformation Operation

The Department of Justice investigated around 1,000 accounts on social media platform X, previously Twitter, which were used by the Kremlin to spread pro-Moscow propaganda created by the AI-driven Meliorator software.

Monocle: Open-Source LLM for Binary Analysis Search

Monocle is an open-source tool powered by an LLM for searching natural language in compiled binaries. It can analyze binaries based on criteria like authentication code or password strings, using Ghidra headless for decompilation.

Blast RADIUS Attack can Bypass Authentication for Clients

This vulnerability, known as Blast RADIUS and rated 7.5 out of 10 on the severity scale, affects the RADIUS networking protocol, potentially granting unauthorized access to network devices and services without credentials.

How CISA Plans to Measure Trust in Open-Source Software

The CISA is developing a new framework to assess the trustworthiness of open-source software projects. The agency’s open-source software security roadmap aims to increase visibility into OSS use and risks across the federal government.

New Flaw in OpenSSH can Lead to Remote Code Execution

A vulnerability in certain versions of the OpenSSH secure networking suite may allow for remote code execution. The vulnerability, identified as CVE-2024-6409 with a CVSS score of 7.0, affects specific versions of OpenSSH such as 8.7p1 and 8.8p1.

Persistent npm Campaign Shipping Trojanized jQuery

Approximately 68 malicious packages were created between May 26 and June 23, 2024, with deceptive names like cdnjquery and jquertyi. These packages were manually crafted, unlike automated attacks, allowing the threat actor to steal website form data.

New Variation of WordFence Evasion Malware Discovered

A new variation of WordFence evasion malware has been discovered, concealing backdoors in infected WordPress environments. A suspicious plugin named “wp-engine-fast-action” was found tampering with the popular WordFence security plugin.

Vinted Fined $2.6m Over Data Protection Failure

Vinted, a prominent online platform for second-hand sales, has been fined €2,385,276 ($2,582,730) for violating the EU’s General Data Protection Regulation (GDPR) by not properly handling personal data deletion requests.

Gogs Vulnerabilities May Put Your Source Code at Risk

Exploiting these flaws could allow attackers to execute arbitrary commands, read source code, and gain unauthorized access. The vulnerabilities require authentication, with one flaw specifically requiring the built-in SSH server to be enabled.

Report: 47% of Corporate Data Stored in the Cloud Is Sensitive

Cloud resources are increasingly targeted by cyberattacks, with SaaS applications, cloud storage, and cloud management infrastructure being the top categories of attack, according to Thales.

GootLoader is Still Active and Efficient

The malware has evolved into multiple versions, with GootLoader 3 being the latest one in use. Despite updates to the payload, the infection strategies have remained consistent since its resurgence in 2020.

Infostealing Malware Masquerading as Generative AI Tools

Information-stealing malware families have evolved to impersonate generative AI tools, with examples like GoldPickaxe stealing facial recognition data for deepfake videos.

Traeger Security Bugs Threatening Grillers’ Hard Work

Traeger grills face security bugs that could spell trouble for BBQ enthusiasts. High-severity vulnerabilities in the Traeger Grill D2 Wi-Fi Controller could allow remote attackers to control the grill’s temperature or shut it down.

New Eldorado Ransomware Targets Windows, VMware ESXi VMs

Eldorado also encrypts network shares using the SMB protocol, deletes shadow volume copies, and skips certain file types to prevent system damage. Affiliates can customize attacks on Windows, while Linux customization is limited.

Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication

Online accounts are increasingly protected by passkey technology, but many platforms like banking, e-commerce, social media, and software development can still be compromised using adversary-in-the-middle (AitM) attacks.

Turla: A Master of Deception

The Turla malware has been found using weaponized LNK files to infect computers. The malware leverages a compromised website to distribute malicious packages through phishing emails.

Hackers attack HFS servers to drop malware and Monero miners

Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software by exploiting a critical vulnerability (CVE-2024-23692) that allows executing arbitrary commands without authentication.

RCE, DoS Exploits Found in Rockwell PanelView Plus: Patch Now

Microsoft has exposed two significant vulnerabilities in Rockwell Automation’s PanelView Plus devices that could be exploited by attackers to execute remote code and launch denial-of-service attacks.

Secator: Open-Source Pentesting Swiss Army Knife

Secator is an open-source task and workflow runner designed for security assessments to streamline the use of various security tools for pen testers and security researchers.