Cyber Security
-
A critical SQL injection vulnerability, identified as CVE-2024-45387, has been discovered in Apache Traffic Control, a widely used open-source platform for managing large-scale content delivery networks (CDNs). This vulnerability affects versions 8.0.0 through 8.0.1 of the software and has been assigned a CVSS score of 9.9, indicating its severe impact on system confidentiality, integrity, and…
-
Researchers uncovered a widespread and alarming trend involving data leaks from Postman, a widely used cloud-based API development and testing platform. The investigation reveals that improper management of Postman workspaces has resulted in over 30,000 publicly accessible collections exposing sensitive data, potentially paving the way for massive data breaches and unauthorized misuse. The TRIAD Team’s…
-
Renowned for cyber espionage activities targeting critical sectors in the Middle East, OilRig, also known as APT34 or Helix Kitten, operates with precision, exploiting vulnerabilities and employing advanced techniques to… The post CVE-2024-30088 Under Attack: OilRig Targets Windows Kernel Vulnerability appeared first on Cybersecurity News.
-
The notorious cyber-espionage group Cloud Atlas, active since 2014, has been observed leveraging a new arsenal in its ongoing campaigns against Eastern Europe and Central Asia, according to a detailed… The post Cloud Atlas Deploys VBCloud backdoor in Latest Cyber Espionage Campaign appeared first on Cybersecurity News.
-
The Federal Bureau of Investigation (FBI), Department of Defense Cyber Crime Center (DC3), and Japan’s National Police Agency (NPA) have issued a joint press release detailing a major cryptocurrency theft… The post North Korean Cyber Actors TraderTraitor Steal $308 Million in Cryptocurrency: DMM Breach Unveiled appeared first on Cybersecurity News.
-
Vulnerability-based attacks are growing. Undoubtedly, these attacks are among hackers’ favorite ways to gain initial access. Such attacks rose by 124% in the third quarter of 2024 compared to 2023. Furthermore, the speed with which hackers took advantage of the security flaw (CVE-2024-5806) in Progress MOVEit Transfer underscores the danger of unpatched vulnerabilities. Once the vulnerability…
-
Two malicious Python Package Index (PyPI) packages, Zebo-0.1.0 and Cometlogger-0.1, have been identified, posing a significant threat to user security. These packages, uploaded in November 2024, exploit unsuspecting developers and users, aiming to steal sensitive data such as login credentials, browsing history, and even financial information. The packages underline the importance of vigilance when using open-source software…
-
Adobe has issued updates to address a vulnerability in its ColdFusion software that could allow attackers to read arbitrary files from affected systems. The flaw, identified as CVE-2024-53961, has a proof-of-concept (PoC) exploit publicly available, heightening the urgency for system administrators to apply the newly released patches. Details of the Vulnerability The vulnerability is classified as…
-
A critical security vulnerability has been discovered in the widely-used Node.js package “systeminformation,” potentially exposing millions of systems to remote code execution (RCE) attacks. The flaw, identified as CVE-2024-56334, affects versions up to and including 5.23.6 of the package, which has over 8 million monthly downloads and a staggering 330 million total downloads. The vulnerability…
-
Junior Barros De Oliveira, a 29-year-old resident of Curitiba, Brazil, has been indicted in the United States for orchestrating an extortion scheme involving data stolen from the computer systems of a Brazilian subsidiary of a New Jersey-based company. U.S. Attorney Philip R. Sellinger announced the charges after the indictment was unsealed in Newark federal court.…
-
Cybercriminal groups are increasingly blending new and traditional techniques to steal sensitive information from unsuspecting users by deploying remote access tools (RATs) such as AsyncRAT and SectopRAT. Recent activity in the cyber threat landscape highlights how attackers are leveraging methods like SEO poisoning, typosquatting, and the misuse of legitimate remote monitoring and management (RMM) software…
-
Webmin, the popular web-based system administration tool, has been found to contain a critical security vulnerability that could allow attackers to seize control of servers. The vulnerability, identified as CVE-2024-12828, has been assigned a CVSS score of 9.9, indicating its severe nature. The flaw stems from a command injection vulnerability within Webmin’s CGI request handling.…
-
As the year comes to a close, State, Local, and Education (SLED) organizations must resharpen their focus on strengthening their cybersecurity defenses. With the growing complexity of cyber threats and the need to safeguard valuable data, it’s vital for SLED organizations to stay ahead of risks. Cybersecurity compliance consulting services offer guidance in navigating state…
-
Radware’s latest report unveils the emergence of the Holy League, a hacktivist group formed in July 2024. This group is the result of a strategic merger between the pro-Russian High Society and… The post “Holy League” Hacktivist Group Emerges, Targets West appeared first on Cybersecurity News.
-
TRAC Labs recently unveiled a new phishing kit, named WikiKit, which is targeting industries across automotive, manufacturing, medical, and more. This sophisticated attack employs unique techniques to evade detection and… The post WikiKit Phishing Kit Targets Major Industries with Evasive Techniques appeared first on Cybersecurity News.
-
Cybercriminals are increasingly weaponizing cracked versions of legitimate vulnerability scanning tools, like the Araneida Scanner, for malicious activities, according to Silent Push Threat Analysts. Based on unauthorized modifications of Acunetix,… The post Cybercriminals Exploit Cracked Acunetix Scanner for Malicious Attacks appeared first on Cybersecurity News.
-
A newly discovered vulnerability, dubbed “G-Door,” allows malicious actors to circumvent Microsoft 365 security measures by exploiting unmanaged Google Docs accounts. This security flaw poses a significant threat to organizations relying on Microsoft 365’s Conditional Access (CA) policies for protection. The G-Door vulnerability stems from the ability to create personal or workspace Google accounts using…
-
Researchers discovered a malware campaign targeting the npm ecosystem, distributing the Skuld info stealer through malicious packages disguised as legitimate tools. The threat actor, “k303903,” compromised hundreds of machines before the packages were removed. Subsequent analysis revealed that “k303903” likely operates under the aliases “shegotit2” and “pressurized,” all exhibiting identical or highly similar tactics, techniques,…
-
A seemingly benign health app, “BMI CalculationVsn,” was found on the Amazon App Store, which secretly collected sensitive user data, including installed app package names and incoming SMS messages, posing a significant privacy threat. The BMI calculator app conceals malicious intent, as the app’s primary function is a smokescreen for a variety of harmful activities,…
-
The Lazarus Group has recently employed a sophisticated attack, dubbed “Operation DreamJob,” to target employees in critical sectors like nuclear energy, which involves distributing malicious archive files disguised as legitimate job offers. Once executed, these files unleash a multi-stage infection chain, comprising a downloader, loader, and backdoor, allowing the threat actor to establish persistent access…