The vulnerability could be exploited to compromise systems without requiring user interaction, contrary to some severity assessments initially made by Tenable and Red Hat. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Tag: Cyware News – Latest Cyber News
Traeger Security Bugs Threatening Grillers’ Hard Work
Traeger grills face security bugs that could spell trouble for BBQ enthusiasts. High-severity vulnerabilities in the Traeger Grill D2 Wi-Fi Controller could allow remote attackers to control the grill’s temperature or shut it down. This article has been indexed from…
New Eldorado Ransomware Targets Windows, VMware ESXi VMs
Eldorado also encrypts network shares using the SMB protocol, deletes shadow volume copies, and skips certain file types to prevent system damage. Affiliates can customize attacks on Windows, while Linux customization is limited. This article has been indexed from Cyware…
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication
Online accounts are increasingly protected by passkey technology, but many platforms like banking, e-commerce, social media, and software development can still be compromised using adversary-in-the-middle (AitM) attacks. This article has been indexed from Cyware News – Latest Cyber News Read…
New Golang Zergeca Botnet appeared in the threat landscape
The researchers at QiAnXin XLab team discovered a new Golang-based botnet called Zergeca, capable of conducting DDoS attacks. It was detected through a suspicious ELF file and has been used to launch DDoS attacks in Canada, the U.S., and Germany.…
Malicious QR Reader App in Google Play Delivers Anatsa Banking Malware
A malicious QR code reader app on Google Play has been found distributing the Anatsa banking malware, posing a significant threat to users’ financial data. The app has already been downloaded thousands of times. This article has been indexed from…
Turla: A Master of Deception
The Turla malware has been found using weaponized LNK files to infect computers. The malware leverages a compromised website to distribute malicious packages through phishing emails. This article has been indexed from Cyware News – Latest Cyber News Read the…
Hackers attack HFS servers to drop malware and Monero miners
Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software by exploiting a critical vulnerability (CVE-2024-23692) that allows executing arbitrary commands without authentication. This article has been indexed from Cyware News…
OVHcloud blames record-breaking DDoS attack on MikroTik botnet
OVHcloud successfully mitigated a record-breaking DDoS attack with a packet rate of 840 million packets per second. The attack originated from compromised MikroTik network devices, which were used to generate high packet rates. This article has been indexed from Cyware…
384,000 sites pull code from sketchy code library recently bought by Chinese firm
Over 384,000 websites, including those of major companies and government entities, are still linking to the polyfill[.]io code library that was recently acquired by a Chinese firm and used to perform a supply chain attack. This article has been indexed…
Hackers abused API to verify millions of Authy MFA phone numbers
Twilio has confirmed that an unsecured API endpoint allowed threat actors to access phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks. This article has been indexed from Cyware…
Infostealer malware logs used to identify child abuse website members
Researchers at Recorded Future’s Insikt Group analyzed infostealer malware logs captured between February 2021 and February 2024. They cross-referenced the credentials with 20 known CSAM domains, identifying 3,324 unique username-password pairs. This article has been indexed from Cyware News –…
RCE, DoS Exploits Found in Rockwell PanelView Plus: Patch Now
Microsoft has exposed two significant vulnerabilities in Rockwell Automation’s PanelView Plus devices that could be exploited by attackers to execute remote code and launch denial-of-service attacks. This article has been indexed from Cyware News – Latest Cyber News Read the…
New Ransomware Group Uses Phone Calls to Pressure Victims, Researchers Say
Researchers have identified a new ransomware group called Volcano Demon responsible for two recent successful attacks on companies in the manufacturing and logistics sectors. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Vulnerabilities in CocoaPods: The Achilles’ Heel of the Apple App Ecosystem
Recent discoveries have unveiled severe vulnerabilities within CocoaPods, a dependency manager essential for iOS and macOS application development. These security flaws could lead to significant supply chain attacks, jeopardizing numerous applications. The exploit allows attackers to alter the software update…
Secator: Open-Source Pentesting Swiss Army Knife
Secator is an open-source task and workflow runner designed for security assessments to streamline the use of various security tools for pen testers and security researchers. This article has been indexed from Cyware News – Latest Cyber News Read the…
Understanding the FakeBat Loader: Distribution Tactics and Cybercriminal Infrastructure
In the early part of 2024, the FakeBat loader, also known as EugenLoader or PaykLoader, emerged as a significant threat utilizing the drive-by download technique to spread malware. This article has been indexed from Cyware News – Latest Cyber News…
Feds Hit Health Entity With $950K Fine in Ransomware Attack
The US Department of Health and Human Services has levied a fine of $950,000 from the Heritage Valley Health System in Pennsylvania. It must address potential HIPAA violations after a ransomware attack in 2017. This article has been indexed from…
Industry Groups Ask HHS for Guidance on Massive Change Breach Reports
Industry groups are seeking further clarification on delegation processes and want a clear statement that covered entities without a business associate relationship with Change Healthcare are not obliged to notify patients. This article has been indexed from Cyware News –…
Dozens of Arrests Disrupt $2.7m Vishing Gang
The criminal gang targeted elderly Spanish citizens by posing as bank employees through voice phishing and then showing up unannounced at their homes to collect cards, bank details, and PINs. This article has been indexed from Cyware News – Latest…
Supposed Grasshopper Operators Impersonate Israeli Government and Private Companies to Deploy Open-Source Malware
The group uses a mix of publicly available malware and custom development to carry out their attacks. They have been using custom WordPress websites as a payload delivery mechanism. This article has been indexed from Cyware News – Latest Cyber…
The Impossibility of “Getting Ahead” in Cyber Defense
The nature of defense is inherently stacked against defenders, as cybercriminals aim to disrupt systems while defenders manage complex tech stacks. Additionally, the rapid evolution of technology means defenders are always playing catch-up. This article has been indexed from Cyware…
FCC Drafts Rules to Strengthen Cyber of Emergency Systems
The Federal Communications Commission (FCC) has proposed draft final rules to enhance the security of public alert and warning systems in the face of emerging cybersecurity threats. This article has been indexed from Cyware News – Latest Cyber News Read…
Polyglot Files Enable Cyber Attack Chains and Methods for Detection & Disarmament
Hackers are using polyglot files, which can fit into multiple file formats and evade detection by endpoint detection and response systems. Research indicates that some commercial EDR tools have a 0% detection rate for malicious polyglots. This article has been…
Cybersecurity is Now a Top Concern for Auto Industry, Report Finds
According to a survey by Rockwell Automation, vehicle and automotive supply manufacturers ranked cybersecurity as their biggest external concern. Cyberattacks resulted in $11.8 billion in damages during the first half of 2023 alone. This article has been indexed from Cyware…
US Supreme Court Ruling on Chevron Doctrine May Upend Future Cybersecurity Regulation
The ruling may lead to legal challenges against recent cybersecurity regulations, including the 2023 cyber incident reporting requirements by the Securities and Exchange Commission (SEC). This article has been indexed from Cyware News – Latest Cyber News Read the original…
Rapid7 To Acquire Attack Surface Management Startup Noetic Cyber
Cybersecurity firm Rapid7 has announced to acquired Noetic Cyber, a startup specializing in cyber asset attack surface management (CAASM). The terms of the deal were not disclosed. This article has been indexed from Cyware News – Latest Cyber News Read…
New Orcinius Trojan Uses VBA Stomping to Mask Infection
This multi-stage trojan utilizes Dropbox and Google Docs to update and deliver payloads. It uses the VBA stomping technique, removing the VBA source code in a Microsoft Office document, leaving only compiled p-code. This article has been indexed from Cyware…
Preparing for Q-Day as NIST Nears Approval of PQC Standards
Q-Day, the day when a quantum computer can break modern encryption, is approaching rapidly, leaving our society vulnerable to cyberattacks. Recent advancements in quantum technology suggest that Q-Day is coming sooner than expected. This article has been indexed from Cyware…
CapraRAT Spyware Variant Disguised as Popular Apps to Target Android Users
The recent campaign shows updates to the group’s techniques and social engineering tactics, as well as efforts to maximize the spyware’s compatibility with older and modern versions of the Android operating system. This article has been indexed from Cyware News…
How Hacked YouTube Channels Spread Scams and Malware
The most common attack methods against YouTube channels involve phishing attacks to steal login credentials, exploiting weak or reused passwords, and even bypassing two-factor authentication by stealing session cookies. This article has been indexed from Cyware News – Latest Cyber…
Dev Rejects CVE Severity, Makes his GitHub Repository Read-Only
The open source project ‘ip’ has been archived on GitHub due to a dubious CVE report filed against it. This is not an isolated incident, as open-source developers have seen an increase in unsubstantiated CVE reports for their projects. This…
Report: Cyber Workforce Grows 15% at Large Organizations
Large organizations have significantly bolstered their cybersecurity workforce in 2024, with an average of one expert dedicated to cybersecurity for every 1,086 employees in companies with over $1 billion in revenue, as per a report by Wavestone. This article has…
Latest Intel CPUs Impacted by New Indirector Side-Channel Attack
Researchers at the University of California, San Diego have discovered a new type of attack called ‘Indirector’ that targets modern Intel processors, including those from the Raptor Lake and Alder Lake generations. This article has been indexed from Cyware News…
Indonesia Arrests Over 100 Foreigners in Bali Suspected of Participating in Cybercrime
Over a hundred foreign nationals suspected of committing cybercrimes were arrested in a villa raid on Bali. Among the arrested, 14 were Taiwanese citizens, but the identities of the others are unknown, although all held Taiwanese passports. This article has…
CISOs Becoming More Comfortable With Risk Levels
The cyber threats landscape has led to changes in the way CISOs evaluate their business’s risk appetite, causing tensions with CEO and C-suite members, according to Netskope. This article has been indexed from Cyware News – Latest Cyber News Read…
China’s ‘Velvet Ant’ Hackers Caught Exploiting New Zero-Day in Cisco Devices
The vulnerability, known as CVE-2024-20399, affects Cisco NX-OS software used for Nexus-series switches. Sygnia discovered the vulnerability during an investigation into the threat group Velvet Ant. This article has been indexed from Cyware News – Latest Cyber News Read the…
Industrial cyberattacks fuel surge in OT cybersecurity spending
Enterprise spending on OT cybersecurity is predicted to increase by almost 70% to $21.6 billion globally by 2028, up from $12.75 billion in 2023, driven by attacks and regulation, according to ABI Research. This article has been indexed from Cyware…
National Australia Bank Raises Alarm About Cyber Threats to Major Banks
Australia’s four major banks, including ANZ Bank, Commonwealth Bank, National Australia Bank (NAB), and Westpac, are constantly under attack from threat actors seeking to steal sensitive information and money from unsuspecting customers. This article has been indexed from Cyware News…
Sanctioned and Exposed, Predator Spyware Maker Group Has Gone Awfully Quiet
The group behind the Predator spyware, Intellexa Alliance, has significantly reduced its operations, indicating that it has been impacted by recent sanctions and exposure. This article has been indexed from Cyware News – Latest Cyber News Read the original article:…
Brighton Park Capital Invests $112 Million in PortSwigger to Fuel Innovation and Product Development
The investment will fuel PortSwigger’s growth and enable the company to accelerate product development, expand research initiatives, strengthen its international presence, and continue driving innovation. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Korean ERP Vendor’s Update Systems Subverted to Spew Malware
A South Korean ERP vendor’s product update server was breached by attackers who used it to distribute malware instead of legitimate updates, according to AhnLab, a local cybersecurity firm. This article has been indexed from Cyware News – Latest Cyber…
Poland to Probe Russia-Linked Cyberattack on State News Agency
Polish prosecutors are investigating a suspected Russian attack on the country’s state news agency, the Polish Press Agency (PAP). The attack, which occurred in May, aimed to spread disinformation and cause disruptions in Poland’s system or economy. This article has…
AuthZed Raises $12 Million to Accelerate Permissions Systems in Series A Funding
The new funding will accelerate a strategic expansion for small–to mid-market-sized organizations, providing a fully managed and easy-to-deploy permissions system that is simple to maintain for their current and future authorization needs. This article has been indexed from Cyware News…
Apple CocoaPods Bugs Expose Millions of Apps to Code Injection
A report by E.V.A Information Security reveals that Apple’s popular dependency manager, CocoaPods, has been plagued with three critical vulnerabilities for several years. This article has been indexed from Cyware News – Latest Cyber News Read the original article: Apple…
Startup Odaseva Raises $54M to Bolster Global Expansion, R&D
The Series C funding will allow San Francisco-based Odaseva to provide more robust support to clients dealing with stringent data residency regulations and evolving privacy laws around the globe, according to founder and CEO Sovan Bin. This article has been…
TeamViewer Says Russia’s ‘Cozy Bear’ Hackers Attacked Corporate IT System
Remote access solution provider TeamViewer confirmed that the Russian hacking group APT29 breached its corporate IT environment. The hack on TeamViewer was traced back to an employee account. This article has been indexed from Cyware News – Latest Cyber News…
Report: 75% of New Vulnerabilities Exploited Within 19 Days
Last year, Skybox Security reported that there were over 30,000 new vulnerabilities, with a new vulnerability emerging every 17 minutes on average. This amounts to around 600 new vulnerabilities per week. This article has been indexed from Cyware News –…
Multiple Vulnerabilities Found in Gas Chromatographs
Multiple critical vulnerabilities have been discovered in Emerson gas chromatographs, which could potentially enable unauthorized access to sensitive data, cause denial-of-service attacks, and execute arbitrary commands. This article has been indexed from Cyware News – Latest Cyber News Read the…
New ‘regreSSHion’ Remote Unauthenticated Code Execution Vulnerability Discovered in OpenSSH Server
Approximately 700,000 external internet-facing instances are vulnerable, accounting for 31% of global instances with OpenSSH. Additionally, a small percentage of vulnerable instances are running an End-Of-Life/End-Of-Support version of OpenSSH. This article has been indexed from Cyware News – Latest Cyber…
Web Scraping is Not Just a Security or Fraud Problem
Scraper bots have a negative impact on various aspects of an organization, including revenue, competitive advantage, brand identity, customer experience, infrastructure costs, and digital experience. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Fake IT Support Sites Push Malicious PowerShell Scripts as Windows Fixes
These sites are promoted through compromised YouTube channels, lending them credibility. One particular error, the 0x80070643 error, which appeared after a Microsoft security update, has been exploited by threat actors. This article has been indexed from Cyware News – Latest…
Police Allege ‘Evil Twin’ In-Flight Wi-Fi Used to Steal Information
A man in Australia was charged with operating fake Wi-Fi networks on a commercial flight to steal passengers’ email and social media credentials. The investigation began when an airline reported a suspicious Wi-Fi network during a domestic flight. This article…
Update: Polyfill.io, BootCDN, Bootcss, Staticfile Attack Traced to one Operator
Researchers found a public GitHub repo where the operators of Polyfill.io accidentally exposed their Cloudflare secret keys. By using these leaked API keys, they were able to confirm that a single entity was behind the attack on all four domains.…
Meet Brain Cipher — The New Ransomware Behind Indonesia’s Data Center Attack
Brain Cipher ransomware has been uploaded to various malware-sharing sites, created using the leaked LockBit 3.0 builder. The encryptor used by Brain Cipher appends an extension and encrypts the file name of the encrypted files. This article has been indexed…
Threat Actors Actively Exploit D-Link DIR-859 Router Flaw
The flaw, which has a CVSS score of 9.8, allows threat actors to perform path traversal attacks and gain unauthorized access to sensitive information, including user passwords. This article has been indexed from Cyware News – Latest Cyber News Read…
Juniper Releases Out-of-Cycle Fix for Max Severity Authentication Bypass Flaw
Juniper Networks has released an emergency update to address a severe vulnerability in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router products. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Your Phone’s 5G Connection Is Vulnerable to Bypass, DoS Attacks
One attack involves setting up a fake base station using a Raspberry Pi or a software-defined radio (SDR). These devices can imitate a real base station and are readily available for purchase. This article has been indexed from Cyware News…
Critical GitLab Bug Lets Attackers Run Pipelines as Any User
A critical vulnerability has been discovered in certain versions of GitLab Community and Enterprise Edition products. This vulnerability allows an attacker to run pipelines as any user. This article has been indexed from Cyware News – Latest Cyber News Read…
China-Sponsored Attackers Target 40K Corporate Users in 90 Days
The campaigns, named LegalQloud, Eqooqp, and Boomer, deploy highly evasive and adaptive threat (HEAT) attack techniques that can bypass multifactor authentication (MFA) and URL filtering. This article has been indexed from Cyware News – Latest Cyber News Read the original…
New Unfurling Hemlock Threat Actor Floods Systems with Malware
Unfurling Hemlock is using a new method, referred to as a “malware cluster bomb,” which allows the threat actor to use one malware sample to spread additional malware on compromised machines. This article has been indexed from Cyware News –…
Remote Access Giant TeamViewer Says Russian Spies Hacked Its Corporate Network
TeamViewer, a leading provider of remote access tools, has confirmed that its corporate network is currently under a cyberattack. The company has identified the attackers as a government-backed Russian intelligence group known as APT29. This article has been indexed from…
Kimsuky Deploys TRANSLATEXT to Target South Korean Academia
Kimsuky uploaded TRANSLATEXT to their attacker-controlled GitHub repository on March 7, 2024, and it is capable of bypassing security measures for prominent email service providers like Gmail, Kakao, and Naver. This article has been indexed from Cyware News – Latest…
Malware Peddlers Experimenting with BPL Sideloading and Masking Malicious Payloads as PGP Keys
The campaign involves a Bollywood pirate movie download site leading to a Bunny content delivery platform, which then points to a ZIP file. Inside the ZIP file, there is another password-protected ZIP file with a text file containing the password.…
Gitleaks: Open-Source Solution for Detecting Secrets in Your Code
Gitleaks is an open-source tool that detects and prevents hardcoded secrets in Git repositories, like passwords or API keys. It stands out for its easy-to-use and configurable system for scanning secrets. This article has been indexed from Cyware News –…
Crypto-Gang Leader Convicted of Vicious Kidnaps, Robbery
A 24-year-old leader of an international robbery crew, Remy St Felix, has been convicted in the US for carrying out violent home invasions to steal cryptocurrency tokens. This article has been indexed from Cyware News – Latest Cyber News Read…
‘Poseidon’ Mac stealer Distributed via Malicious Google Ads
A new campaign targeting Mac users through malicious Google ads for the Arc browser has been observed. This is the second time Arc has been used as a lure, indicating its popularity. This article has been indexed from Cyware News…
US Federal Agencies Warn Healthcare Sector of Payment Diversion Schemes
Federal authorities are warning about social engineering and phishing scams that target IT help desk workers and allow attackers to steal login credentials in order to access healthcare sector entities’ IT systems. This article has been indexed from Cyware News…
Nuance Ex-Employee Indicted for Breach Affecting 1 Million
A former employee of Nuance Communications, a unit of Microsoft, is the main suspect in a 2023 data breach that affected over 1 million patients of Geisinger, a healthcare system based in Pennsylvania. This article has been indexed from Cyware…
New Ransomware, Infostealers Pose Growing Risk in 2024
In Q1 2024, BlackBerry detected and stopped 3.1 million cyberattacks, averaging 37,000 per day. They also detected 630,000 malicious hashes, a 40% increase from the previous reporting period. This article has been indexed from Cyware News – Latest Cyber News…
CISA Report Finds Critical Open-Source Memory Safety Risks
CISA urges manufacturers to reduce memory safety vulnerabilities by ditching memory-unsafe languages, implementing secure coding practices, and adopting routine security testing measures. This article has been indexed from Cyware News – Latest Cyber News Read the original article: CISA Report…
CISA Adds GeoServer, Linux Kernel, and Roundcube Webmail Bugs to its Known Exploited Vulnerabilities Catalog
The US cybersecurity agency CISA has issued a warning about cyber threat actors exploiting vulnerabilities in GeoServer (CVE-2022-24816), the Linux kernel (CVE-2022-2586), and Roundcube Webmail (CVE-2020-13965). This article has been indexed from Cyware News – Latest Cyber News Read the…
WhisperGate Data-Wiping Malware Suspect Indicted
The US Department of Justice has indicted a 22-year-old Russian, Amin Timovich Stigal, for his alleged involvement in cyber attacks on Ukrainian government computers and critical infrastructure systems known as the “WhisperGate” attack. This article has been indexed from Cyware…
Cyber Insurance Terms Drive Companies To Invest More in Security, Report Finds
Approximately three-quarters of companies have made investments in cyber defense in order to qualify for cyber insurance, according to a report by Sophos and Vanson Bourne. This article has been indexed from Cyware News – Latest Cyber News Read the…
B+ Security Rating Masks Healthcare Supply Chain Risks
The healthcare sector received a “B+” security rating for the first half of 2024, indicating a decent level of security. However, it faces a significant vulnerability in the form of supply chain cyber risk. This article has been indexed from…
California Privacy Regulator to Partner With French Data Authority
The California Privacy Protection Agency (CPPA) has signed a partnership agreement with France’s Commission Nationale de l’Informatique et des Libertés (CNIL) to conduct joint research and share investigative findings on data privacy issues. This article has been indexed from Cyware…
Xeno RAT Spread via .gg Domains and GitHub
XenoRAT is being used by North Korean hackers and other actors targeting the gaming community. It is being spread through .gg domains and a GitHub repository disguised as Roblox scripting tools. This article has been indexed from Cyware News –…
Mitigating Skeleton Key, a New Type of Generative AI Jailbreak Technique
Microsoft has discovered a new type of jailbreak attack called Skeleton Key. This technique uses a multi-turn strategy to make the model ignore its guardrails, allowing it to generate forbidden content or override its decision-making rules. This article has been…
No Patches for Hospital Temperature Monitors’ Critical Flaws
Researchers at Nozomi Networks uncovered four vulnerabilities in Sensor Net Connect and three flaws in the Thermoscan IP desktop application, both made by a division of French firm Proges Plus. This article has been indexed from Cyware News – Latest…
Vanna AI Prompt Injection Vulnerability Enables RCE
The Vanna AI library has been found to have a vulnerability (CVE-2024-5565) that could allow for remote code execution (RCE) due to a prompt injection issue related to the Plotly script. This article has been indexed from Cyware News –…
PoC Exploit for Critical Fortra FileCatalyst Flaw Published
The vulnerability allows attackers to create administrative user accounts, modify and delete data in the application database, and potentially gain full control of vulnerable systems. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Malicious NPM Package Targets AWS Users to Deploy Backdoor
ReversingLabs researchers discovered a suspicious package on npm called legacyreact-aws-s3-typescript. They found that the package contained a post-install script that downloaded and executed a simple backdoor. This article has been indexed from Cyware News – Latest Cyber News Read the…
Korean Telco Allegedly Infected Around 600,000 P2P Users with Malware
South Korean telco KT has been accused of purposely infecting customers with malware as a result of excessive use of peer-to-peer (P2P) downloading tools. Around 600,000 users of online storage services have reportedly been affected. This article has been indexed…
Novel Snowblind Malware Targets Banking Customers in Southeast Asia
Snowblind is effective on all modern Android devices and primarily targets banking apps. It avoids detection by modifying the app and exploiting the Linux kernel’s seccomp feature to control the app’s system calls. This article has been indexed from Cyware…
Phantom Secrets: Undetected Secrets Expose Major Corporations
Major secrets, including cloud environment credentials, internal infrastructures, and telemetry platforms, have been found exposed on the internet due to Git-based processes and Source Code Management (SCM) platforms behavior. This article has been indexed from Cyware News – Latest Cyber…
Update: MOVEit Transfer Vulnerability Targeted Amid Disclosure Drama
The non-profit cybersecurity organization, the Shadowserver Foundation, has observed exploitation attempts against CVE-2024-5806. They noted that the exploitation began soon after the vulnerability details were made public. This article has been indexed from Cyware News – Latest Cyber News Read…
Chinese Cyberspies Employ Ransomware in Attacks for Diversion
The adoption of ransomware in cyberespionage attacks helps adversaries blur the lines between APT and cybercriminal activity, leading to potential misattribution or concealing the true nature of the operation. This article has been indexed from Cyware News – Latest Cyber…
Multiple Vulnerabilities in Siemens Power Automation Products
Siemens recently patched several vulnerabilities in its Sicam products that could be exploited to target the energy sector. The updates addressed two high-severity and one medium-severity flaws. This article has been indexed from Cyware News – Latest Cyber News Read…
New Medusa Malware Variants Target Android Users in Seven Countries
The Medusa banking trojan (aka TangleBot) operates as a malware-as-a-service, providing keylogging, screen controls, and SMS manipulation. Note that this operation is different from the ransomware gang and the Mirai-based botnet with the same name. This article has been indexed…
Malicious JavaScript Snippets Served Due to Supply Chain Attack on Polyfills Site
The polyfill.io domain, which offers JavaScript code to add functionality to older browsers, has been compromised and is infecting over 100,000 websites with malware. The domain was purchased by a Chinese organization earlier this year. This article has been indexed…
UK and US Law Enforcement Put Qilin Ransomware Criminals in the Crosshairs
UK and US law enforcement agencies have collaborated to combat the Qilin ransomware gang, which has targeted the global healthcare industry through several recent attacks. This article has been indexed from Cyware News – Latest Cyber News Read the original…
Zeek: Open-Source Network Traffic Analysis, Security Monitoring
Zeek is an open-source network analysis framework. Unlike an active security device such as a firewall, Zeek operates on a versatile ‘sensor’ that can be a hardware, software, virtual, or cloud platform. This article has been indexed from Cyware News…
Update: CISA Warns Chemical Facilities of Potential Data Theft
Although there was no evidence of data theft or lateral movement, the agency’s investigation revealed that unauthorized access to various sensitive information, including security plans and user accounts, may have occurred. This article has been indexed from Cyware News –…
Russian Hackers Target Ukraine with XWorm RAT Malware Payload
Cyble Research and Intelligence Labs (CRIL) researchers have discovered that a Russia-linked threat group known as UAC-0184 is targeting Ukraine using the XWorm remote access trojan (RAT). This article has been indexed from Cyware News – Latest Cyber News Read…
Authentication Bypasses in MOVEit Transfer and MOVEit Gateway
A critical security vulnerability, CVE-2024-5806, has been found in MOVEit Transfer, a popular file transfer software. The vulnerability allows attackers to bypass authentication checks and gain administrative access by sending manipulated requests. This article has been indexed from Cyware News…
Report: Cloud Breaches Impact Nearly Half of Organizations
According to the Thales 2024 Cloud Security Study, 44% of organizations have experienced a cloud data breach, with 14% reporting incidents in the past year. Human error and misconfigurations were the top root causes, affecting 31% of cases. This article…
Four FIN9-linked Vietnamese Hackers Indicted in $71M U.S. Cybercrime Spree
Ta Van Tai, Nguyen Viet Quoc, Nguyen Trang Xuyen, and Nguyen Van Truong are accused of conducting phishing campaigns and supply chain compromises to orchestrate cyberattacks and steal millions of dollars. This article has been indexed from Cyware News –…
FBI Warns of Fake Law Firms Targeting Crypto Scam Victims
The FBI has issued a warning about cybercriminals pretending to be law firms and lawyers offering cryptocurrency recovery services. These scammers target victims of investment scams, stealing funds and personal information. This article has been indexed from Cyware News –…
Android RAT SpyMax Targets Telegram Users
SpyMax does not require the targeted device to be rooted, making it easier for threat actors to cause damage. Once installed, SpyMax gathers personal information from the infected device without user consent and sends it to a remote threat actor.…
P2PInfect Botnet Targets Redis Servers with New Ransomware Module
P2PInfect, a previously dormant peer-to-peer malware botnet, has recently become active and is now targeting Redis servers. The botnet has introduced new features like cron-based persistence mechanisms and SSH lockout. This article has been indexed from Cyware News – Latest…