Cyber News
Auto Added by WPeMatico
-
This has been a difficult year for cybersecurity defenders, but 2024 may wind up being remembered more for its unforced errors, the mistakes that vendors and others made that resulted in incidents and headlines they’d rather forget. To make sure they don’t get a chance to forget – jk, we’re just trying to end a…
-
DarkVision RAT: A Persistent Threat Delivered via PureCrypter The DarkVision RAT malware campaign leverages the PureCrypter loader to infiltrate networks and compromise data across multiple sectors. Distributed through various phishing techniques and utilizing advanced obfuscation, DarkVision RAT exemplifies a highly effective attack strategy. DarkVision RAT, illustrated by DALL-E The trojan offers remote access capabilities, keylogging,…
-
A critical SQL injection vulnerability, identified as CVE-2024-45387, has been discovered in Apache Traffic Control, a widely used open-source platform for managing large-scale content delivery networks (CDNs). This vulnerability affects versions 8.0.0 through 8.0.1 of the software and has been assigned a CVSS score of 9.9, indicating its severe impact on system confidentiality, integrity, and…
-
The U.S. House of Representatives is set to vote next week on a defense bill that includes a provision allocating over $3 billion to remove Chinese telecom equipment from American networks. This action is part of ongoing efforts to address the security risks posed by Chinese-made technology, specifically equipment from major telecom companies from China.…
-
Indian Ministry of Electronics and Information Technology (MeitY) organized a conference at Bharat Mandapam, New Delhi, to accelerate digital transformation across India and strengthen cybersecurity measures. Chaired by MeitY Secretary S. Krishnan, the event brought together IT Secretaries and senior officials from 34 Indian States and Union Territories (UTs), alongside high-level representatives from MeitY, to…
-
A critical security vulnerability has been discovered in the widely-used Node.js package “systeminformation,” potentially exposing millions of systems to remote code execution (RCE) attacks. The flaw, identified as CVE-2024-56334, affects versions up to and including 5.23.6 of the package, which has over 8 million monthly downloads and a staggering 330 million total downloads. The vulnerability…
-
In a recent update, Ascension has provided new details regarding the cyberattack on its systems that occurred earlier this year. The Ascension data breach, which first came to light in June, was the result of a malicious file being downloaded by an employee, allowing cybercriminals to access Ascension’s network. Since then, the health system…
-
The Cybersecurity and Infrastructure Security Agency (CISA) has announced the addition of a new vulnerability, CVE-2021-44207, to its Known Exploited Vulnerabilities (KEV) Catalog. This action follows evidence of active exploitation and aims to alert organizations to the potential risks posed by this vulnerability. Overview of CVE-2021-44207 CVE-2021-44207, identified in the Acclaim Systems USAHERDS web application…
-
Webmin, the popular web-based system administration tool, has been found to contain a critical security vulnerability that could allow attackers to seize control of servers. The vulnerability, identified as CVE-2024-12828, has been assigned a CVSS score of 9.9, indicating its severe nature. The flaw stems from a command injection vulnerability within Webmin’s CGI request handling.…
-
A newly discovered vulnerability, dubbed “G-Door,” allows malicious actors to circumvent Microsoft 365 security measures by exploiting unmanaged Google Docs accounts. This security flaw poses a significant threat to organizations relying on Microsoft 365’s Conditional Access (CA) policies for protection. The G-Door vulnerability stems from the ability to create personal or workspace Google accounts using…
-
A critical vulnerability in the popular PHP-based Craft CMS has been discovered, allowing unauthenticated attackers to execute remote code on affected systems. The security flaw, identified as CVE-2024-56145, affects default configurations of PHP and could potentially impact over 150,000 websites worldwide. The vulnerability stems from an unexpected behavior in PHP’s register_argc_argv configuration setting. When enabled,…
-
FBI has arrested Rostislav Panev, a 51-year-old dual Russian-Israeli national, for his alleged role as a developer within the notorious LockBit ransomware group. Panev’s arrest in Israel, following a U.S. provisional arrest request, marks a pivotal moment in ongoing efforts to dismantle one of the most prolific ransomware operations in history. Panev remains in custody…
-
A new phishing-as-a-service (PaaS) platform called “FlowerStorm” has emerged, targeting Microsoft 365 users. This platform has quickly gained traction following the unexpected disruption of its predecessor, Rockstar2FA, in November 2024. Rockstar2FA, an updated version of the DadSec phishing kit, suffered a partial infrastructure collapse on November 11, 2024. Sophos researchers Sean Gallagher and Mark Parsons…